RSS   Vulnerabilities for 'Sociable'   RSS

2021-10-18
 
CVE-2021-24612

CWE-79
 

 
The Sociable WordPress plugin through 4.3.4.1 does not sanitise or escape some of its settings before outputting them in the admins dashboard, allowing high privilege users to perform Cross-Site Scripting attacks against other users even when the unfiltered_html capability is disallowed

 


Copyright 2024, cxsecurity.com

 

Back to Top