Medium severity4.8NVD Advisory· Published Aug 23, 2021· Updated Jun 17, 2026
CVE-2021-24658
CVE-2021-24658
Description
The Erident Custom Login and Dashboard WordPress plugin before 3.5.9 did not properly sanitise its settings, allowing high privilege users to use XSS payloads in them (even when the unfileted_html is disabled)
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <3.5.9
- Range: 3.5.9
Patches
Vulnerability mechanics
References
2- plugins.trac.wordpress.org/changeset/2507516nvdPatchThird Party Advisory
- wpscan.com/vulnerability/ec70f02b-02a1-4511-949e-68f2d9d37ca8nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.