CVE-2021-24381
The CVE-2021-24381 entry concerns WordPress Ninja Forms Contact Form plugin versions before 3.5.8.2. The issue is that the plugin does not sanitize and escape the custom class name of the form field it creates, enabling stored Cross-Site Scripting (XSS) by high-privilege users even when unfiltere...