Vulnerabilities > Dna88

DATE CVE VULNERABILITY TITLE RISK
2021-09-06 CVE-2021-24591 Cross-site Scripting vulnerability in Dna88 Highlight 0.9.1/0.9.2
The Highlight WordPress plugin before 0.9.3 does not sanitise its CustomCSS setting, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
network
dna88 CWE-79
3.5
3.5