Medium severity6.1NVD Advisory· Published May 5, 2021· Updated Jun 17, 2026
CVE-2021-24276
CVE-2021-24276
Description
The Contact Form by Supsystic WordPress plugin before 1.7.15 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.7.15
- Supsystic/Contact Form by Supsysticv5Range: 1.7.15
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/164308/WordPress-Contact-Form-1.7.14-Cross-Site-Scripting.htmlnvdExploitThird Party AdvisoryVDB Entry
- wpscan.com/vulnerability/1301123c-5e63-432a-ab90-3221ca532d9cnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.