CVE-2021-24373

CVE-2021-24373: WP Hardening < 1.2.2 - Reflected XSS via historyvalue

Vendor Unknown
Product WP Hardening – Fix Your WordPress Security
Weakness CWE-79 · XSS
Published June 21, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The WP Hardening – Fix Your WordPress Security WordPress plugin before 1.2.2 did not sanitise or escape the historyvalue GET parameter before outputting it in a Javascript block, leading to a reflected Cross-Site Scripting issue.

Key dates

02Disclosure timeline

June 21, 2021 CVE published
August 3, 2024 Record updated