Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2021-24211
Modified
More InfoOfficial Page
Source-contact@wpscan.com
View Known Exploited Vulnerability (KEV) details
Published At-05 Apr, 2021 | 19:15
Updated At-12 Aug, 2025 | 12:51

The WordPress Related Posts plugin through 3.6.4 contains an authenticated (admin+) stored XSS vulnerability in the title field on the settings page. By exploiting that an attacker will be able to execute JavaScript code in the user's browser.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.4MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Primary2.03.5LOW
AV:N/AC:M/Au:S/C:N/I:P/A:N
CPE Matches

sovrn
sovrn
>>wordpress_related_posts>>Versions up to 3.6.4(inclusive)
cpe:2.3:a:sovrn:wordpress_related_posts:*:*:*:*:*:wordpress:*:*
Weaknesses
CWE IDTypeSource
CWE-79Secondarycontact@wpscan.com
CWE-79Primarynvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://wpscan.com/vulnerability/37e0a033-3dee-476d-ae86-68354e8f0b1ccontact@wpscan.com
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/37e0a033-3dee-476d-ae86-68354e8f0b1caf854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
Change History
0Changes found

Details not found