CVE-2021-24419
Summary: CVE-2021-24419 affects the WordPress WP YouTube Lyte plugin versions before 1.7.16. The root cause is failure to sanitize/escape the lyte_yt_api_key and lyte_notification settings before output, enabling authenticated, high-privilege users to inject stored XSS payloads. Impact: stored Cr...