← Back to CVE List
CVE-2021-24346
The Stock in & out WordPress plugin through 1.0.4 has a search functionality, the lowest accessible level to it being contributor. The srch POST parameter is not validated, sanitised or escaped before using it in the echo statement, leading to a reflected XSS issue
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt