Medium severity6.1NVD Advisory· Published Nov 17, 2021· Updated Jun 17, 2026
CVE-2021-24796
CVE-2021-24796
Description
The My Tickets WordPress plugin before 1.8.31 does not properly sanitise and escape the Email field of booked tickets before outputting it in the Payment admin dashboard, which could allow unauthenticated users to perform Cross-Site Scripting attacks against admins
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/My Ticketsdescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/d973dc0f-3cb4-408d-a8b0-01abeb9ef951nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.