Vulnerabilities > CVE-2021-24619 - Unspecified vulnerability in Evona PER Page ADD to Head 1.4.4

CVSS 4.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

evona

NVD

Published: 2021-09-13

Updated: 2024-11-21

Summary

The Per page add to head WordPress plugin through 1.4.4 does not properly sanitise one of its setting, allowing malicious HTML to be inserted by high privilege users even when the unfiltered_html capability is disallowed, which could lead to Cross-Site Scripting issues.

Vulnerable Configurations

Part	Description	Count
Application	Evona Evona PER Page ADD TO Head - Evona PER Page ADD TO Head 1.4.4	2

References

https://wpscan.com/vulnerability/f360f383-0646-44ca-b49e-e2258dfbf3a6
https://wpscan.com/vulnerability/f360f383-0646-44ca-b49e-e2258dfbf3a6