The WordPress Related Posts plugin through 3.6.4 contains an authenticated (admin+) stored XSS vulnerability in the title field on the settings page. By exploiting that an attacker will be able to execute JavaScript code in the user's browser.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2021-04-05T18:27:47

Updated: 2024-08-03T19:21:18.808Z

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-24211

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-04-05T19:15:17.530

Modified: 2024-11-21T05:52:36.183

Link: CVE-2021-24211

cve-icon Redhat

No data.