Medium severity6.1NVD Advisory· Published Feb 1, 2022· Updated Jun 17, 2026
CVE-2021-24648
CVE-2021-24648
Description
The RegistrationMagic WordPress plugin before 5.0.1.9 does not sanitise and escape the rm_search_value parameter before outputting back in an attribute, leading to a Reflected Cross-Site Scripting
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <5.0.1.9
Patches
Vulnerability mechanics
References
2- plugins.trac.wordpress.org/changeset/2646734nvdPatchThird Party Advisory
- wpscan.com/vulnerability/a3573212-2a98-4504-b8f4-b4d46655e17cnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.