What the vulnerability does
01Description
Cross-Site Request Forgery (CSRF) vulnerability in mattwalters WordPress Filter wordpress-filter allows Stored XSS.This issue affects WordPress Filter: from n/a through <= 1.4.1.
CVE-2024-54391
HIGH
CVE-2024-54391: WordPress WordPress Filter plugin <= 1.4.1 - CSRF to Stored XSS vulnerability
CVSS base score
7.1/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Key dates
02Disclosure timeline
December 16, 2024
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2021-32732 Cross-Site Request Forgery in xwiki-platform
CVE-2023-22675 WordPress WP Fast Cache plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability
CVE-2025-43745
CVE-2024-4585 DedeCMS member_type.php cross-site request forgery
CVE-2022-1900 Copify <= 1.3.0 - Cross-Site Request Forgery to Cross-Site Scripting
