← Back to CVE List
CVE-2021-24479
The DrawBlog WordPress plugin through 0.90 does not sanitise or validate some of its settings before outputting them back in the page, leading to an authenticated stored Cross-Site Scripting issue
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt