Vulnerabilities > Kajoom

DATE CVE VULNERABILITY TITLE RISK
2021-10-15 CVE-2021-39344 Cross-site Scripting vulnerability in Kajoom KJM Admin Notices 2.0.1
The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/admin/class-kjm-admin-notices-admin.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 2.0.1.
network
high complexity
kajoom CWE-79
2.1