CVE-2021-24464
N/A
N/A
Summary
The YouTube Embed, Playlist and Popup by WpDevArt WordPress plugin before 2.3.9 did not escape, validate or sanitise some of its shortcode options, available to users with a role as low as Contributor, leading to an authenticated Stored Cross-Site Scripting issue.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Unknown | YouTube Embed, Playlist and Popup by WpDevArt | 2.3.9 < 2.3.9 | affected |
Weaknesses
- CWE-79: CWE-79 Cross-site Scripting (XSS)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.