Medium severity4.8NVD Advisory· Published May 24, 2021· Updated Jun 17, 2026
CVE-2021-24296
CVE-2021-24296
Description
The WP Customer Reviews WordPress plugin before 3.5.6 did not sanitise some of its settings, allowing high privilege users such as administrators to set XSS payloads in them which will then be triggered in pages where reviews are enabled
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <3.5.6
- Go Web Solutions/WP Customer Reviewsv5Range: 3.5.6
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/c450f54a-3372-49b2-8ad8-68d5cc0dd49envdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.