There are several endpoints in the plugin that could allow unauthenticated attackers the ability to inject malicious JavaScript into pages.
The PoC will be displayed once the issue has been remediated
Chloe Chamberland
Chloe Chamberland
Yes
2021-04-26 (about 1 years ago)
2021-04-27 (about 1 years ago)
2021-04-27 (about 1 years ago)