CVE-2021-24367
CVE-2021-24367 affects the WordPress plugin WP Config File Editor up to version 1.7.1, which contains an Authenticated Stored Cross-Site Scripting (XSS) flaw. The vulnerability arises within the plugin’s admin-facing functionality; exploitation requires authentication (typically an admin). A PoC ...