Unrated severityNVD Advisory· Published Oct 25, 2021· Updated Aug 3, 2024
Cookie Bar < 1.8.9 - Admin+ Stored Cross-Site Scripting
CVE-2021-24653
Description
The Cookie Bar WordPress plugin before 1.8.9 doesn't properly sanitise the Cookie Bar Message setting, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Cookie Bardescription
- Range: <1.8.9
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/bfa8f46f-d323-4a2d-b875-39cd9b4cee0amitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.