Medium severity4.8NVD Advisory· Published Sep 20, 2021· Updated Jun 17, 2026
CVE-2021-24600
CVE-2021-24600
Description
The WP Dialog WordPress plugin through 1.2.5.5 does not sanitise and escape some of its settings before outputting them in pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.2.5.5+ 1 more
- (no CPE)range: <=1.2.5.5
- (no CPE)range: <=1.2.5.5
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/413b3a2e-1c05-45ec-b00f-1c137a1ae33envdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.