cleantalk
Vulnerabilities and Security Researches

AMP for WP – Accelerated Mobile Pages, CVE-2021-23209

CVE, Research URL

CVE-2021-23209

Home page URL

Security reports for AMP for WP – Accelerated Mobile Pages

Application

AMP for WP – Accelerated Mobile Pages

Published on
Mar 18, 2022
Research Description
Multiple Authenticated (admin user role) Persistent Cross-Site Scripting (XSS) vulnerabilities discovered in AMP for WP – Accelerated Mobile Pages WordPress plugin (versions <= 1.0.77.32).
Affected versions
max 0.9.97.20.
Status
vulnerable
Previous vulnerability researches
AMP for WP &#8211; Accelerated Mobile Pages (CVE-2024-0587) , Jun 07, 2024
AMP for WP &#8211; Accelerated Mobile Pages (CVE-2021-23150) , Jun 07, 2024
AMP for WP &#8211; Accelerated Mobile Pages (CVE-2021-23209) , Jun 07, 2024
AMP for WP &#8211; Accelerated Mobile Pages (CVE-2024-1043) , Jun 07, 2024
AMP for WP &#8211; Accelerated Mobile Pages (CVE-2023-48321) , Jun 07, 2024
New vulnerability
GitHub Gist Shortcode Plugin (CVE-2025-12667) , Dec 12, 2025
Cryptocurrency Payment Gateway for WooCommerce (CVE-2025-12392) , Dec 12, 2025
Wbcom Designs &#8211; Private Community for BuddyPress (CVE-2025-67582) , Dec 12, 2025
WP-Walla (CVE-2025-12589) , Dec 12, 2025
Master Addons for Elementor (CVE-2025-63055) , Dec 12, 2025