CVE-2021-24444

CVE-2021-24444

The TaxoPress – Create and Manage Taxonomies, Tags, Categories WordPress plugin before 3.7.0.2 does not sanitise its Taxonomy description field, allowing high privilege users to set JavaScript payload in them even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue.

Source: CVE-2021-24444

댓글 남기기

이메일은 공개되지 않습니다. 필수 입력창은 * 로 표시되어 있습니다

Time limit is exhausted. Please reload the CAPTCHA.