Medium severity4.8NVD Advisory· Published May 17, 2021· Updated Jun 17, 2026
CVE-2021-24315
CVE-2021-24315
Description
The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.10.4 did not sanitise or escape the Background Image field of its Stripe Checkout Setting and Logo field in its Email settings, leading to authenticated (admin+) Stored XSS issues.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2.10.4
- GiveWP/GiveWP – Donation Plugin and Fundraising Platformv5Range: 2.10.4
Patches
Vulnerability mechanics
References
2- m0ze.ru/vulnerability/%5B2021-04-02%5D-%5BWordPress%5D-%5BCWE-79%5D-GiveWP-WordPress-Plugin-v2.10.3.txtnvdExploitThird Party Advisory
- wpscan.com/vulnerability/006b37c9-641c-4676-a315-9b6053e001d2nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.