VYPR
Medium severity4.8NVD Advisory· Published May 24, 2021· Updated Jun 17, 2026

CVE-2021-24296

CVE-2021-24296

Description

The WP Customer Reviews WordPress plugin before 3.5.6 did not sanitise some of its settings, allowing high privilege users such as administrators to set XSS payloads in them which will then be triggered in pages where reviews are enabled

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.