cleantalk
Vulnerabilities and Security Researches

WP-Paginate, CVE-2021-4222

CVE, Research URL

CVE-2021-4222

Home page URL

Security reports for WP-Paginate

Application

WP-Paginate

Published on
Feb 28, 2022
Research Description
The WP-Paginate WordPress plugin before 2.1.4 does not sanitise and escape its preset settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed
Affected versions
max 2.1.4.
Status
vulnerable
Previous vulnerability researches
WP-Paginate (CVE-2021-4222) , Jun 07, 2024
WP-Paginate (CVE-2022-2050) , Jun 07, 2024
WP-Paginate (CVE-2021-47982) , Jun 10, 2026
New vulnerability
Funnel Builder for WordPress by FunnelKit – Customize WooCommerce Checkout Pages, Create Sales Funnels, Order Bumps & One (CVE-2026-48966) , Jun 10, 2026
Geo Mashup (CVE-2026-48967) , Jun 10, 2026
Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms (CVE-2026-49109) , Jun 10, 2026
WP-Paginate (CVE-2021-47982) , Jun 10, 2026
Welcart e-Commerce (CVE-2026-49775) , Jun 10, 2026