CVE-2021-24701

CVE-2021-24701: Quiz Tool Lite <= 2.3.15 - Multiple Admin+ Stored Cross-Site Scripting

Vendor Unknown

Product Quiz Tool Lite

Weakness CWE-79 · XSS

Published November 8, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Quiz Tool Lite WordPress plugin through 2.3.15 does not sanitize multiple input fields used when creating or managing quizzes and in other setting options, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

Key dates

02Disclosure timeline

November 8, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-24701

Related vulnerabilities

04Related CVE

CVE-2026-3054 Alinto SOGo cross site scripting CVE-2024-23188 CVE-2025-20279 Cisco Unifed Contact Center Express Stored Cross-Site Scripting Vulnerability CVE-2023-5789 Dragon Path 707GR1 Ping Diagnostics cross site scripting CVE-2024-23517 WordPress Scheduling Plugin – Online Booking for WordPress Plugin <= 3.5.10 is vulnerable to Cross Site Scripting (XSS)