Medium severity6.1NVD Advisory· Published May 24, 2021· Updated Jun 17, 2026
CVE-2021-24298
CVE-2021-24298
Description
The method and share GET parameters of the Giveaway pages were not sanitised, validated or escaped before being output back in the pages, thus leading to reflected XSS
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Igor Benic/Simple Giveaways – Grow your business, email lists and traffic with contestsv5Range: 2.36.2
Patches
Vulnerability mechanics
References
2- codevigilant.com/disclosure/2021/wp-plugin-giveasap-xss/nvdExploitThird Party Advisory
- wpscan.com/vulnerability/30aebded-3eb3-4dda-90b5-12de5e622c91nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.