Medium severity6.5NVD Advisory· Published Jun 1, 2021· Updated Jun 17, 2026
CVE-2021-24333
CVE-2021-24333
Description
The Content Copy Protection & Prevent Image Save WordPress plugin through 1.3 does not check for CSRF when saving its settings, not perform any validation and sanitisation on them, allowing attackers to make a logged in administrator set arbitrary XSS payloads in them.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Content Copy Protection & Prevent Image Savedescription
- Range: <=1.3
Patches
Vulnerability mechanics
References
4- m0ze.ru/exploit/csrf-prevent-content-copy-image-save-v1.3.htmlnvdExploitThird Party Advisory
- wpscan.com/vulnerability/c722f8d0-f86b-41c2-9f1f-48e475e22864nvdExploitThird Party Advisory
- m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-352%5D-Content-Copy-Protection-Prevent-Image-Save-WordPress-Plugin-v1.3.txtnvd
- m0ze.ru/vulnerability/%5B2021-03-29%5D-%5BWordPress%5D-%5BCWE-79%5D-Content-Copy-Protection-Prevent-Image-Save-WordPress-Plugin-v1.3.txtnvd
News mentions
0No linked articles in our index yet.