Unrated severityNVD Advisory· Published Jun 21, 2021· Updated Aug 3, 2024

WP Hardening < 1.2.2 - Reflected XSS via URI

CVE-2021-24372

Description

The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the $_SERVER['REQUEST_URI'] before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

WordPress/WP Hardening – Fix Your WordPress Securitydescription
WordPress/WP Hardeningllm-fuzzy
Range: <1.2.2

Patches

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

wpscan.com/vulnerability/5340ae4e-95ba-4a69-beb1-3459cac17782mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000