Prismatic Security Vulnerabilities and Issues — Prismatic CVE List

Lucene search

Plugin-planetPrismatic

1 matches found

CVE•added 2021/07/12 8:15 p.m.•33 views

CVE-2021-24408

The Prismatic WordPress plugin before 2.8 does not sanitise or validate some of its shortcode parameters, allowing users with a role as low as Contributor to set Cross-Site payload in them. A post made by a contributor would still have to be approved by an admin to have the XSS trigger able in the ...

5.4CVSS5.2AI score0.00162EPSS