Medium severity4.8NVD Advisory· Published Oct 11, 2021· Updated Jun 17, 2026
CVE-2021-24656
CVE-2021-24656
Description
The Simple Social Media Share Buttons WordPress plugin before 3.2.4 does not escape the Share Title settings before outputting it in the frontend pages or posts (depending on the settings used), allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Simple Social Media Share Buttonsdescription
- Range: <3.2.4
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/8e897dcc-6e52-440b-83ad-b119c55751c7nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.