Medium severity5.4NVD Advisory· Published Aug 16, 2021· Updated Jun 17, 2026
CVE-2021-24538
CVE-2021-24538
Description
The Current Book WordPress plugin through 1.0.1 does not sanitize user input when an authenticated user adds Author or Book Title, then does not escape these values when outputting to the browser leading to an Authenticated Stored XSS Cross-Site Scripting issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Current Bookdescription
- Range: <=1.0.1
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/f9911a43-0f4c-403f-9fca-7822eb693317nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.