Medium severity6.1NVD Advisory· Published May 24, 2021· Updated Jun 17, 2026
CVE-2021-24297
CVE-2021-24297
Description
The Goto WordPress theme before 2.1 did not properly sanitize the formvalue JSON POST parameter in its tl_filter AJAX action, leading to an unauthenticated Reflected Cross-site Scripting (XSS) vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Gotodescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/a64a3b2e-7924-47aa-96e8-3aa02a6cdcccnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.