Medium severity6.1NVD Advisory· Published Mar 18, 2021· Updated Jun 17, 2026
CVE-2021-24135
CVE-2021-24135
Description
Unvalidated input and lack of output encoding in the WP Customer Reviews WordPress plugin, versions before 3.4.3, lead to multiple Stored Cross-Site Scripting vulnerabilities allowing remote attackers to inject arbitrary JavaScript code or HTML.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/WP Customer Reviewsdescription
- Range: <3.4.3
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/07e9e70b-97a6-42e3-b0de-8cb69dedcbd3nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.