Medium severity4.8NVD Advisory· Published Aug 30, 2021· Updated Jun 17, 2026
CVE-2021-24592
CVE-2021-24592
Description
The Sitewide Notice WP WordPress plugin before 2.3 does not sanitise some of its settings before outputting them in frontend pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Sitewide Notice WPdescription
- Range: <2.3
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/9579ff13-9597-4a77-8cb9-997e35265d22nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.