VYPR
Medium severity5.4NVD Advisory· Published Apr 5, 2021· Updated Jun 17, 2026

CVE-2021-24196

CVE-2021-24196

Description

The Social Slider Widget WordPress plugin before 1.8.5 allowed Authenticated Reflected XSS in the plugin settings page as the ‘token_error’ parameter can be controlled by users and it is directly echoed without being sanitized

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.