Cool Tag Cloud, CVE-2021-24682
- CVE, Research URL
- Home page URL
- Application
- Published on
- Nov 01, 2021
- Research Description
- The Cool Tag Cloud WordPress plugin before 2.26 does not escape the style attribute of the cool_tag_cloud shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks.
- Affected versions
-
max 2.26.
- Status
-
vulnerable
| Previous vulnerability researches |
|---|
| Cool Tag Cloud (CVE-2025-13614) , Dec 11, 2025 |
| Cool Tag Cloud (CVE-2025-69011) , Feb 27, 2026 |
| Cool Tag Cloud (CVE-2021-24682) , Jun 07, 2024 |