The Social Tape WordPress plugin through 1.0 does not have CSRF checks in place when saving its settings, and do not sanitise or escape them before outputting them back in the page, leading to a stored Cross-Site Scripting issue via a CSRF attack
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2021-08-16T10:48:19

Updated: 2024-08-03T19:28:23.811Z

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-24411

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-08-16T11:15:08.220

Modified: 2024-11-21T05:53:01.137

Link: CVE-2021-24411

cve-icon Redhat

No data.