CVE-2021-24343
Description
The iFlyChat WordPress plugin before 4.7.0 does not sanitise its APP ID setting before outputting it back in the page, leading to an authenticated Stored Cross-Site Scripting issue
CWE
- CWE-79 — CWE-79 Cross-site Scripting (XSS)
Affected
- Unknown / iFlyChat – WordPress Chat — v=4.7.0 <4.7.0 [affected]
CVSS
- (none)
References
Source
cvelistV5-main/cves/2021/24xxx/CVE-2021-24343.json