Description
The Simple Post WordPress plugin through 1.1 does not sanitize user input when an authenticated user Text value, then it does not escape these values when outputting to the browser leading to an Authenticated Stored XSS Cross-Site Scripting issue.
Published: 2024-01-16
Score: 5.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

No history.

Subscriptions

Nickmomrik Simple Post
cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published:

Updated: 2024-08-29T14:33:52.001Z

Reserved: 2021-01-14T15:03:46.770Z

Link: CVE-2021-24567

cve-icon Vulnrichment

Updated: 2024-08-03T19:35:20.162Z

cve-icon NVD

Status : Modified

Published: 2024-01-16T16:15:09.050

Modified: 2026-06-17T03:40:15.233

Link: CVE-2021-24567

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses