Easy Accordion < 2.0.22 - Authenticated Stored XSS
CVE-2021-24576

5.4MEDIUM

Key Information:

Vendor

Wordpress
Status
Easy Accordion – Best Accordion Faq Plugin For WordPress
Vendor
CVE Published:
11 October 2021

What is CVE-2021-24576?

The Easy Accordion WordPress plugin before 2.0.22 does not properly sanitize inputs when adding new items to an accordion.

Affected Version(s)

Easy Accordion – Best Accordion FAQ Plugin for WordPress 2.0.22

References

https://wpscan.com/vulnerability/4d0c60d1-db5a-4c4f-9bdb-...
x_refsource_MISC

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Asif Nawaz Minhas
.