CVE-2021-24317

CVE-2021-24317: Listeo < 1.6.11 - Multiple XSS & XFS vulnerabilities

Vendor Purethemes

Product Listeo

Weakness CWE-79 · XSS

Published June 1, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Listeo WordPress theme before 1.6.11 did not properly sanitise some parameters in its Search, Booking Confirmation and Personal Message pages, leading to Cross-Site Scripting issues

Key dates

02Disclosure timeline

June 1, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-24317

Related vulnerabilities

04Related CVE

CVE-2025-34258 Advantech WISE-DeviceOn Server < 5.4 Authenticated Stored XSS via devicemap/plan CVE-2024-34000 moodle: stored XSS in lesson overview report via user ID number CVE-2022-29406 WordPress Team Manager plugin <= 1.6.9 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities CVE-2025-47085 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) CVE-2025-22824 WordPress Live Flight Radar Plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability