CVE-2021-36910
This CVE affects the WordPress WP-Appbox plugin up to version 4.3.20, with an authenticated (admin) stored XSS vulnerability in the plugin’s settings. The root cause involves insufficient sanitization/escaping for certain plugin settings, allowing a high-privilege user to inject scripts that are ...