The plugin does not sanitise and escape any of its Labels settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
https://drive.google.com/file/d/1ZXIS-q2fzZhRhTyHpHEzxc_Z2Shl4Up2/view?usp=sharing
Put the following payload in any of the Media-Tags Labels settings (/wp-admin/admin.php?page=mediatags_settings_panel): "><img src=x onerror=confirm(/XSS/)>
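The sanitise-on-save and escape-on-output steps the advisory says are missing, shown as an added example that is not the Media-Tags plugin's code. The function names and the `label_name` field are hypothetical, and PHP's htmlspecialchars() and strip_tags() stand in for WordPress's esc_attr() and sanitize_text_field() so the script runs outside WordPress.

```php
<?php
// Added example: a hypothetical settings field, not the plugin's own code.

// Constructed sample: the label value from the proof of concept above.
$stored_label = '"><img src=x onerror=confirm(/XSS/)>';

// Vulnerable pattern: the stored value is echoed into an attribute as-is,
// so the leading "> closes the value attribute and the <input> tag.
function render_label_field_unsafe(string $name, string $value): string
{
    return '<input type="text" name="' . $name . '" value="' . $value . '">';
}

// Hardened output: escape for the HTML attribute context at render time.
// Inside WordPress this would be esc_attr(); htmlspecialchars() stands in.
function render_label_field_safe(string $name, string $value): string
{
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    return '<input type="text" name="'
        . htmlspecialchars($name, $flags, 'UTF-8')
        . '" value="'
        . htmlspecialchars($value, $flags, 'UTF-8')
        . '">';
}

// Hardened input: a label is plain text, so markup is dropped before storing.
// Inside WordPress this would be sanitize_text_field(); strip_tags() stands in.
function sanitize_label(string $raw): string
{
    return trim(preg_replace('/\s+/', ' ', strip_tags($raw)));
}

// 1. Unescaped: the <img> element lands in the page as live markup.
echo render_label_field_unsafe('label_name', $stored_label), PHP_EOL;

// 2. Escaped on output: the quote and angle brackets become entities,
//    so the whole payload stays inside the value attribute as text.
echo render_label_field_safe('label_name', $stored_label), PHP_EOL;

// 3. Sanitised on save and escaped on output: the tag never reaches storage,
//    which matters because other code paths may print the same option.
echo render_label_field_safe('label_name', sanitize_label($stored_label)), PHP_EOL;
```

Escaping at output is the control that closes the attribute breakout; sanitising on save limits what a user without unfiltered_html can store in the first place.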
Akash Rajendra Patil
Akash Rajendra Patil
Yes
2021-10-25 (about 1 year ago)
2021-10-26 (about 1 year ago)
2022-04-13 (about 9 months ago)