CVE-2021-43409 - Wordpress Azure Ad Microsoft Office 365 Plugin
CVE-2021-43409
The “WPO365 | LOGIN” WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data without proper handling of dangerous content. This type of XSS vulnerability is exploited by submitting malicious script content to the application which is then retrieved and executed by other application users. The attacker could exploit this to conduct a range of attacks against users of the affected application such as session hijacking, account take over and accessing sensitive data. In this case, the XSS payload can be submitted by any anonymous user, the payload then renders and executes when a WordPress administrator authenticates and accesses the WordPress Dashboard. The injected payload can carry out actions on behalf of the administrator including adding other administrative users and changing application settings. This flaw could be exploited to ultimately provide full control of the affected system to the attacker.
CVE-2021-43409
CRITICAL
CVSS 9.3
Published 2021-11-19
Updated 2024-11-21
AI Risk High (86/100)
Active Exploit: No strong signal
Published Exploit: No public exploit references
Priority: P2 Urgent
Severity Band
CRITICAL
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Affected Components
1
Reference Links
2
AI Risk Engine
High (86/100)
Exploitability
High
Active Exploitation
No strong signal
Published Exploit Status
No public exploit references
AI Context
Machine-generated threat intelligence
AI
Updated 10 days ago
AI enriched 10 days ago (2026-04-12 02:23 UTC)
Technical Summary
The “WPO365 | LOGIN” WordPress plugin (up to and including version 15.3) by wpo365.com is vulnerable to a persistent Cross-Site Scripting (XSS) vulnerability (also known as Stored or Second-Order XSS). Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data without proper handling of dangerous content. This type of XSS vulnerability is exploited by submitting malicious script content to the application which is then retrieved and executed by other application users. The attacker could exploit this to…
Potential Impact
Severity is CRITICAL (CVSS 9.3). Depending on deployment context, affected components may be exposed to unauthorized actions or data integrity risk.
Exploitability Assessment
Exploitability is assessed as High based on severity and technical exposure profile.
Primary risk drivers: severity and technical exposure profile
Mitigation Recommendations
Validate affected product versions, prioritize patching, and monitor references for vendor remediation guidance. If immediate patching is not possible, apply compensating controls and limit exposure of vulnerable surfaces.
Detection & Monitoring
Track authentication anomalies, unexpected file writes, and suspicious plugin API activity around affected components.
Business Impact Lens
AI risk score 86/100 (High, High) with priority P2 Urgent. Prioritize remediation where affected components process customer data, admin sessions, or Internet-exposed workflows.
