Medium severity6.1NVD Advisory· Published May 17, 2021· Updated Jun 17, 2026
CVE-2021-24290
CVE-2021-24290
Description
There are several endpoints in the Store Locator Plus for WordPress plugin through 5.5.15 that could allow unauthenticated attackers the ability to inject malicious JavaScript into pages.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=5.5.15
- Range: 5.5.15
Patches
Vulnerability mechanics
References
2- wpscan.com/vulnerability/dc368484-f2fe-4c76-ba3d-e00e7f633719nvdThird Party Advisory
- www.wordfence.com/blog/2021/04/severe-unpatched-vulnerabilities-leads-to-closure-of-store-locator-plus-pluginnvdThird Party Advisory
News mentions
0No linked articles in our index yet.