CVE-2021-24745

Name of the Vulnerable Software and Affected Versions: About Author Box WordPress plugin versions prior to 1.0.2

Description: The issue is related to the About Author Box WordPress plugin, where it does not properly sanitise and escape the Social Profiles field values before outputting them in attributes. This could allow a user with a role as low as contributor to perform Cross-Site Scripting attacks.

Recommendations: For versions prior to 1.0.2, update to version 1.0.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the Social Profiles field to minimize the risk of exploitation.