Medium severity6.1NVD Advisory· Published Nov 23, 2021· Updated Jun 17, 2026
CVE-2021-24873
CVE-2021-24873
Description
The Tutor LMS WordPress plugin before 1.9.11 does not sanitise and escape user input before outputting back in attributes in the Student Registration page, leading to a Reflected Cross-Site Scripting issue
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Tutor LMSdescription
Patches
Vulnerability mechanics
References
2- plugins.trac.wordpress.org/changeset/2615802/tutornvdPatchThird Party Advisory
- wpscan.com/vulnerability/19980b57-1954-4a29-b2c2-43eadf758ed3nvdThird Party Advisory
News mentions
0No linked articles in our index yet.