CVE-2021-24884 - Before 4 Plugin
CVE-2021-24884
The Formidable Form Builder WordPress plugin before 4.09.05 allows to inject certain HTML Tags like ,,, and.This could allow an unauthenticated, remote attacker to exploit a HTML-injection byinjecting a malicous link. The HTML-injection may trick authenticated users to follow the link. If the Link gets clicked, Javascript code can be executed. The vulnerability is due to insufficient sanitization of the "data-frmverify" tag for links in the web-based entry inspection page of affected systems. A successful exploitation incomibantion with CSRF could allow the attacker to perform arbitrary actions on an affected system with the privileges of the user. These actions include stealing the users account by changing their password or allowing attackers to submit their own code through an authenticated user resulting in Remote Code Execution. If an authenticated user who is able to edit Wordpress PHP Code in any kind, clicks the malicious link, PHP code can be edited.
CVE-2021-24884
CRITICAL
CVSS 9.6
Published 2021-10-25
Updated 2024-11-21
AI Risk Critical (100/100)
Active Exploit: Likely
Published Exploit: Public exploit references found
Priority: P1 Immediate
Severity Band
CRITICAL
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Components
2
Reference Links
3
AI Risk Engine
Critical (100/100)
Exploitability
Very High
Active Exploitation
Likely
Published Exploit Status
Public exploit references found
AI Context
Machine-generated threat intelligence
AI
Updated 4 days ago
AI enriched 4 days ago (2026-04-12 02:40 UTC)
Technical Summary
The Formidable Form Builder WordPress plugin before 4.09.05 allows to inject certain HTML Tags like ,,, and.This could allow an unauthenticated, remote attacker to exploit a HTML-injection byinjecting a malicous link. The HTML-injection may trick authenticated users to follow the link. If the Link gets clicked, Javascript code can be executed. The vulnerability is due to insufficient sanitization of the "data-frmverify" tag for links in the web-based entry inspection page of affected systems. A successful exploitation incomibantion with CSRF could…
Potential Impact
Severity is CRITICAL (CVSS 9.6). Depending on deployment context, affected components may be exposed to unauthorized actions or data integrity risk.
Exploitability Assessment
Exploitability is assessed as Very High based on published exploit references, remote code execution potential, low-bar exploit prerequisites.
Primary risk drivers: published exploit references, remote code execution potential, low-bar exploit prerequisites
Mitigation Recommendations
Validate affected product versions, prioritize patching, and monitor references for vendor remediation guidance. If immediate patching is not possible, apply compensating controls and limit exposure of vulnerable surfaces.
Detection & Monitoring
Track authentication anomalies, unexpected file writes, and suspicious plugin API activity around affected components.
Business Impact Lens
AI risk score 100/100 (Critical, Very High) with priority P1 Immediate. Prioritize remediation where affected components process customer data, admin sessions, or Internet-exposed workflows.
