Medium severity6.1NVD Advisory· Published Dec 13, 2021· Updated Jun 17, 2026
CVE-2021-24756
CVE-2021-24756
Description
The WP System Log WordPress plugin before 1.0.21 does not sanitise, validate and escape the IP address retrieved from login requests before outputting them in the admin dashboard, which could allow unauthenticated attacker to perform Cross-Site Scripting attacks against admins viewing the logs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/WP System Logdescription
- Range: <1.0.21
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/0cea0717-8f54-4f1c-b3ee-aff7dd91bf59nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.