Vulnerabilities > CVE-2021-24771 - Unspecified vulnerability in Inspirational Quote Rotator Project Inspirational Quote Rotator 1.0.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
The Inspirational Quote Rotator WordPress plugin through 1.0.0 does not sanitize and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the quote is output in the "Quotes list" even when the unfiltered_html capability is disallowed
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |