CVE-2021-24743
Podcast Subscribe Buttons < 1.4.2 - Contributor+ Stored XSS
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
18 Oct 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Podcast Subscribe Buttons WordPress plugin before 1.4.2 allows users with any role capable of editing or adding posts to perform stored XSS.
Affected products
Unknown · Podcast Subscribe Buttons