CVE-2021-24710

CVE-2021-24710: Print-O-Matic < 2.0.3 - Admin+ Stored Cross-Site Scripting

Vendor Unknown
Product Print-O-Matic
Weakness CWE-79 · XSS
Published November 8, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Print-O-Matic WordPress plugin before 2.0.3 does not escape some of its settings before outputting them in attribute, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Key dates

02Disclosure timeline

November 8, 2021 CVE published
August 3, 2024 Record updated