Medium severity6.1NVD Advisory· Published May 6, 2021· Updated Jun 17, 2026
CVE-2021-24245
CVE-2021-24245
Description
The Stop Spammers WordPress plugin before 2021.9 did not escape user input when blocking requests (such as matching a spam word), outputting it in an attribute after sanitising it to remove HTML tags, which is not sufficient and lead to a reflected Cross-Site Scripting issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2021.9
- Trumani/Stop Spammersv5Range: 2021.9
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/162623/WordPress-Stop-Spammers-2021.8-Cross-Site-Scripting.htmlnvdExploitThird Party AdvisoryVDB Entry
- wpscan.com/vulnerability/5e7accd6-08dc-4c6e-9d19-73e2d7e97735nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.