Unrated severityNVD Advisory· Published Oct 18, 2021· Updated Aug 3, 2024
LearnPress < 4.1.3.1 - Multiple Admin+ Stored Cross-Site Scripting
CVE-2021-24702
Description
The LearnPress WordPress plugin before 4.1.3.1 does not properly sanitize or escape various inputs within course settings, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltred_html capability is disallowed
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/LearnPressdescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/30635cc9-4415-48bb-9c67-ea670ea1b942mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.