CVE-2021-24504
The CVE-2021-24504 entry covers the WP LMS – Best WordPress LMS Plugin (versions up to 1.1.2). The issue is stored XSS caused by improper sanitisation/validation of User Field Titles, coupled with missing CSRF and capability checks. Several connected sources corroborate unauthenticated XSS and in...