CVE-2021-24410

Name of the Vulnerable Software and Affected Versions తెలుగు బైబిల్ వచనములు WordPress plugin version 1.0

Description The issue is related to the lack of CSRF check when saving settings and verses, and the failure to sanitise or escape them when outputting them back in the page. This could allow attackers to make a logged-in admin change the settings, as well as add malicious verses containing JavaScript code, leading to Stored XSS issues.

Recommendations For తెలుగు బైబిల్ వచనములు WordPress plugin version 1.0, consider disabling the plugin until a patch is available to prevent potential exploitation. Restrict access to the plugin's settings and verses to minimize the risk of Stored XSS issues. Avoid using the plugin to add or edit verses until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.