CVE-2021-24621

CVE-2021-24621

The WP Courses LMS WordPress plugin before 2.0.44 does not sanitise its Video Embed Code, allowing malicious code to be injected in it by high privilege users, even when the unfiltered_html capability is disallowed, which could lead to Stored Cross-Site Scripting issues

Source: CVE-2021-24621

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다