CVE

CVE-2021-24346

admin

CVE-2021-24346

The Stock in & out WordPress plugin through 1.0.4 has a search functionality, the lowest accessible level to it being contributor. The srch POST parameter is not validated, sanitised or escaped before using it in the echo statement, leading to a reflected XSS issue

Source: CVE-2021-24346

Exit mobile version