CVE-2021-24634

CVE-2021-24634

The Recipe Card Blocks by WPZOOM WordPress plugin before 2.8.3 does not properly sanitise or escape some of the properties of the Recipe Card Block (such as ingredientsLayout, iconSet, steps, ingredients, recipeTitle, or settings), which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks.

Source: CVE-2021-24634

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다