CVE-2024-9771 – WordPress WP-Recall Stored Cross-Site Scripting Vulnerability

April 28, 2025

CVE ID : CVE-2024-9771

Published : April 28, 2025, 6:15 a.m. | 2 hours, 13 minutes ago

Description : The WP-Recall WordPress plugin before 16.26.12 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-0627 – WordPress Tag, Category, and Taxonomy Manager Stored Cross-Site Scripting Vulnerability

Next Article CVE-2024-13688 – WordPress ASE Password Protection Hardcoded Password Bypass

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

OneDrive for Mac will soon give you more flexible storage options

From The Editor’s Desk — new Windows Central community features, we’d like to hear from you!

New code strings attached to Xbox Game Pass suggests a price increase may be imminent

This could be the versatile laptop accessory I’ve been waiting for — Here’s why it stands out from other portable monitors

Worker Threads in Node.js: A Complete Guide for Multithreading in JavaScript

Worker Threads in Node.js: A Complete Guide for Multithreading in JavaScript

Everybody’s gone lintin’

QAQ-QQ-AI-QUEST

OneDrive for Mac will soon give you more flexible storage options

OneDrive for Mac will soon give you more flexible storage options

From The Editor’s Desk — new Windows Central community features, we’d like to hear from you!

New code strings attached to Xbox Game Pass suggests a price increase may be imminent

CVE-2024-9771 – WordPress WP-Recall Stored Cross-Site Scripting Vulnerability

Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion

Mitel OpenScape Flaw (CVE-2025-23092): High-Severity Path Traversal Allows Admin RCE

Latest UI/UX Design Trends That Will Rule 2025 – Lunar Web Solution

Microsoft Urges TPM 2.0 for Windows 11 Upgrade as Win 10 Support Nears End

Mailmodo Free Email Signature Generator

The Role of Linux in the Open-Source Security Ecosystem: Collaborative Solutions for a Safer Digital World

Razer’s having another go at making it so you never have to charge your wireless gaming mouse, and this time it might have nailed it

The Top 5 WordPress Page Builders Compared

CVE-2025-46755 – Apache HTTP Server SQL Injection

CVE-2025-48911 – Citrix ShareFile Permission Vulnerability

CVE-2024-9771 – WordPress WP-Recall Stored Cross-Site Scripting Vulnerability

Related Posts