What the vulnerability does
01Description
The WPBakery plugin before 6.4.1 for WordPress allows XSS because it calls kses_remove_filters to disable the standard WordPress XSS protection mechanism for the Author and Contributor roles.
CVSS base score
CVSS vector
CVSS:3.1/AC:L/AV:N/A:N/C:L/I:L/PR:L/S:C/UI:N
What the vulnerability does
The WPBakery plugin before 6.4.1 for WordPress allows XSS because it calls kses_remove_filters to disable the standard WordPress XSS protection mechanism for the Author and Contributor roles.
Key dates
External resources