CVE-2021-24587
CVE-2021-24587 affects the Splash Header WordPress plugin prior to version 1.20.8. The underlying issue is improper sanitisation/escaping of certain plugin settings when they are output in the admin dashboard, enabling authenticated stored Cross-Site Scripting (XSS). The documented impact is an a...