cleantalk
Vulnerabilities and Security Researches

WP-Paginate, CVE-2021-47982

CVE, Research URL

CVE-2021-47982

Home page URL

Security reports for WP-Paginate

Application

WP-Paginate

Published on
Jun 08, 2026
Research Description
WordPress Plugin WP-Paginate 2.1.3 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the preset parameter. Attackers can submit POST requests to the plugin settings page with script payloads in the preset parameter that are stored and executed when administrators view the settings.
Affected versions
max 2.1.3.
Status
vulnerable
Previous vulnerability researches
Cookie Law Bar (CVE-2021-47957) , May 20, 2026
Cookie Law Bar (7565ed53d11447f181f17d2d720c55c7bc85db2e) , Jun 07, 2024
New vulnerability
Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One (CVE-2026-48966) , Jun 10, 2026
Geo Mashup (CVE-2026-48967) , Jun 10, 2026
Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms (CVE-2026-49109) , Jun 10, 2026
WP-Paginate (CVE-2021-47982) , Jun 10, 2026
Welcart e-Commerce (CVE-2026-49775) , Jun 10, 2026