Medium severity6.1NVD Advisory· Published Jan 17, 2022· Updated Jun 17, 2026
CVE-2021-24909
CVE-2021-24909
Description
The ACF Photo Gallery Field WordPress plugin before 1.7.5 does not sanitise and escape the post parameter in the includes/acf_photo_gallery_metabox_edit.php file before outputing back in an attribute, leading to a Reflected Cross-Site Scripting issue
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.7.5
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/5855f1fe-28f6-4cd6-a83c-95c23d809b79nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.