CVE-2021-24309
CVE-2021-24309 affects the WordPress Weekly Schedule plugin prior to version 3.4.3, where the Schedule Name input was not properly sanitized, enabling authenticated users to inject JavaScript via [removed] tags and trigger a stored XSS. Affected component: the plugin’s general options Schedule Na...