Description The fancyselect list field layout does not correctly escape inputs, leading to a self-XSS vector. Remediation References CVE-2024-21730 Related Vulnerabilities WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4046) WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more PHAR Deserialization (2.9.8.5) MySQL CVE-2017-3635 Vulnerability (CVE-2017-3635) WordPress Plugin ACF to REST API Information Disclosure (3.2.0) OpenSSL NULL Pointer Dereference Vulnerability (CVE-2004-0079) Severity Medium Classification CVE-2024-21730 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities