CVE-2021-24479

Summary

The DrawBlog WordPress plugin through 0.90 does not sanitise or validate some of its settings before outputting them back in the page, leading to an authenticated stored Cross-Site Scripting issue

Affected Software

VendorProductVersion RangeStatus
UnknownDrawBlog0.90 <= 0.90affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References