Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2024-11-21
CVE-2021-24787 - Client Invoicing By Sprout Invoices Plugin
The Client Invoicing by Sprout Invoices WordPress plugin before 19.9.7 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
PLUGIN
Client Invoicing By Sprout Invoices
CVE-2021-24787
Risk Score