CVE-2021-24305
The CVE-2021-24305 entry describes a stored, unauthenticated XSS in the Target First WordPress Plugin v2.0 (Watcheezy). The vulnerability is triggered via a POST that includes the parameter weeWzKey , which is saved as the weeID option without sanitization. The impact is that an attacker can modi...