CVE-2021-24812 – BetterLinks < 1.2.6 - Admin+ Stored Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2021-24812

The BetterLinks WordPress plugin before 1.2.6 does not sanitise and escape some of imported link fields, which could lead to Stored Cross-Site Scripting issues when an admin import a malicious CSV. El plugin BetterLinks de WordPress versiones anteriores a 1.2.6, no sanea ni escapa de algunos campos imported link, que podría conllevar problemas de tipo Cross-Site Scripting almacenado cuando un administrador importa un CSV malicioso • https://wpscan.com/vulnerability/6bc8fff1-ff10-4175-8a46-563f0f26f96a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •