Ivory Search – WordPress Search Plugin, CVE-2021-25105
- CVE, Research URL
- Application
- Published on
- Feb 07, 2022
- Research Description
- The Ivory Search WordPress plugin before 5.4.1 does not escape some of the Form settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
- Affected versions
-
Min -, max 5.4.4.
- Status
-
vulnerable