CVE-2021-47984EPSS p8.4%

CVE-2021-47984CVE-2021-47984

Description

WordPress Plugin WP24 Domain Check 1.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the fieldnameDomain parameter. Attackers can inject JavaScript payloads through the plugin settings form at options.php that execute in the browsers of administrators viewing the settings page.

Scoring

CVSS 6.4 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
EPSS0.19% probability of exploitation · percentile 8.4% · 2026-06-18T12:00:27Z
Last modified2026-06-08

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2021-47982
CVE
CVE-2025-1232
CVE
CVE-2026-8981
CVE
CVE-2021-47983
CVE
CVE-2026-27984
CVE
CVE-2026-8977
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.