In the process of testing the SEO Plugin by Squirrly SEO WordPress plugin before 12.3.21, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
WordPress
XSS
Seo Plugin By Squirrly Seo
NVD
WPScan
CVSS 3.1
3.5
EPSS
0.3%