Critical severity9.0NVD Advisory· Published Dec 13, 2021· Updated Jun 17, 2026
CVE-2021-24922
CVE-2021-24922
Description
The Pixel Cat WordPress plugin before 2.6.2 does not have CSRF check when saving its settings, and did not sanitise as well as escape some of them, which could allow attacker to make a logged in admin change them and perform Cross-Site Scripting attacks
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Pixel Catdescription
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/399ffd65-f3c0-4fbe-a83a-2a620976aad2nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.