The RSS for Yandex Turbo WordPress plugin before 1.30 did not properly sanitise the user inputs from its Счетчики settings tab before outputting them back in the page, leading to authenticated stored Cross-Site Scripting issues
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2021-05-14T11:38:16

Updated: 2024-08-03T19:28:22.658Z

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-24277

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-05-14T12:15:08.160

Modified: 2024-11-21T05:52:44.633

Link: CVE-2021-24277

cve-icon Redhat

No data.