CVE-2021-24895 in Cybersoldier Plugin
Sumário
de MITRE • 14/03/2022
The Cybersoldier WordPress plugin before 1.7.0 does not sanitise and escape the URL settings before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
VulDB is the best source for vulnerability data and more expert information about this specific topic.