Vulnerabilities > CVE-2021-24277 - Unspecified vulnerability in Wpuslugi RSS for Yandex Turbo
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
The RSS for Yandex Turbo WordPress plugin before 1.30 did not properly sanitise the user inputs from its ???????? settings tab before outputting them back in the page, leading to authenticated stored Cross-Site Scripting issues