Vulnerabilities > Light Messages Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-16 | CVE-2021-24535 | Cross-site Scripting vulnerability in Light Messages Project Light Messages 1.0 The Light Messages WordPress plugin through 1.0 is lacking CSRF check when updating it's settings, and is not sanitising its Message Content in them (even with the unfiltered_html disallowed). | 4.3 |