CVE-2021-24233

CVE-2021-24233: Cooked Pro < 1.7.5.6 - Unauthenticated Reflected Cross Site Scripting (XSS)

Vendor Unknown

Product Cooked Ppro

Weakness CWE-79 · XSS

Published April 22, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Cooked Pro WordPress plugin before 1.7.5.6 was affected by unauthenticated reflected Cross-Site Scripting issues, due to improper sanitisation of user input while being output back in pages as an arbitrary attribute.

Key dates

02Disclosure timeline

April 22, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-24233 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2024-12448 Posts and Products Views for WooCommerce <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-52344 WordPress Provide Forex Signals plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability CVE-2022-0364 Modern Events Calendar Lite < 6.4.0 - Contributor+ Stored Cross Site Scripting CVE-2025-67952 WordPress Grand Tour theme < 5.6.2 - Cross Site Scripting (XSS) vulnerability CVE-2024-3883 3D FlipBook <= 1.15.4 - Authenticated (Author+) Stored Cross-Site Scritping via Bookmark URL