Medium severity5.4NVD Advisory· Published Oct 18, 2021· Updated Jun 17, 2026
CVE-2021-24615
CVE-2021-24615
Description
The Wechat Reward WordPress plugin through 1.7 does not sanitise or escape its QR settings, nor has any CSRF check in place, allowing attackers to make a logged in admin change the settings and perform Cross-Site Scripting attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Wechat Rewarddescription
- Range: <=1.7
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/9d48313b-76d7-4252-9b81-2fdd0373561bnvdThird Party Advisory
News mentions
0No linked articles in our index yet.