Unrated severityNVD Advisory· Published Nov 8, 2021· Updated Aug 3, 2024
Storefront Footer Text <= 1.0.1 - Admin+ Stored Cross-Site Scripting
CVE-2021-24607
Description
The Storefront Footer Text WordPress plugin through 1.0.1 does not sanitize and escape the "Footer Credit Text" added to pages, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered-html capability is disallowed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Storefront Footer Textdescription
- Range: <=1.0.1
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/efa7d91a-447b-4fd8-aa21-5364b177fee9mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.