The Per page add to head WordPress plugin through 1.4.4 does not properly sanitise one of its setting, allowing malicious HTML to be inserted by high privilege users even when the unfiltered_html capability is disallowed, which could lead to Cross-Site Scripting issues.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2021-09-13T17:56:31
Updated: 2024-08-03T19:35:20.279Z
Reserved: 2021-01-14T00:00:00
Link: CVE-2021-24619
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-09-13T18:15:17.507
Modified: 2021-09-23T14:44:26.820
Link: CVE-2021-24619
Redhat
No data.