CVE-2024-33648

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kemory Grubb Recencio Book Reviews recencio-book-reviews allows DOM-Based XSS.This issue affects Recencio Book Reviews: from n/a through <= 1.66.0.

CVSS

No CVSS.

References

Link	Resource
https://patchstack.com/database/Wordpress/Plugin/recencio-book-reviews/vulnerability/wordpress-recencio-book-reviews-plugin-1-66-0-cross-site-scripting-xss-vulnerability?_s_id=cve
https://patchstack.com/database/vulnerability/recencio-book-reviews/wordpress-recencio-book-reviews-plugin-1-66-0-cross-site-scripting-xss-vulnerability?_s_id=cve

Configurations

No configuration.

History

01 Apr 2026, 16:17

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~6.5~~	v2 : unknown v3 : unknown
Summary	(en) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kemory Grubb Recencio Book Reviews allows DOM-Based XSS.This issue affects Recencio Book Reviews: from n/a through 1.66.0.	(en) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kemory Grubb Recencio Book Reviews recencio-book-reviews allows DOM-Based XSS.This issue affects Recencio Book Reviews: from n/a through <= 1.66.0.
References	~~{'url': 'https://github.com/tompos2/rcno-reviews/commit/3c9d1c0b232184280e97d0f7a67bc07362f83c53', 'source': 'audit@patchstack.com'}~~ {'url': 'https://patchstack.com/database/wordpress/plugin/recencio-book-reviews/vulnerability/wordpress-recencio-book-reviews-plugin-1-66-0-cross-site-scripting-xss-vulnerability?_s_id=cve', 'source': 'audit@patchstack.com'}	() https://patchstack.com/database/Wordpress/Plugin/recencio-book-reviews/vulnerability/wordpress-recencio-book-reviews-plugin-1-66-0-cross-site-scripting-xss-vulnerability?_s_id=cve -

17 Feb 2026, 13:16

Type	Values Removed	Values Added
Summary	(en) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wzy Media Recencio Book Reviews allows Stored XSS.This issue affects Recencio Book Reviews: from n/a through 1.66.0.	(en) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kemory Grubb Recencio Book Reviews allows DOM-Based XSS.This issue affects Recencio Book Reviews: from n/a through 1.66.0.
References		() https://github.com/tompos2/rcno-reviews/commit/3c9d1c0b232184280e97d0f7a67bc07362f83c53 - () https://patchstack.com/database/wordpress/plugin/recencio-book-reviews/vulnerability/wordpress-recencio-book-reviews-plugin-1-66-0-cross-site-scripting-xss-vulnerability?_s_id=cve -

21 Nov 2024, 09:17

Type	Values Removed	Values Added
References	~~() https://patchstack.com/database/vulnerability/recencio-book-reviews/wordpress-recencio-book-reviews-plugin-1-66-0-cross-site-scripting-xss-vulnerability?_s_id=cve -~~	() https://patchstack.com/database/vulnerability/recencio-book-reviews/wordpress-recencio-book-reviews-plugin-1-66-0-cross-site-scripting-xss-vulnerability?_s_id=cve -
Summary		(es) La vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('Cross-site Scripting') en wzy Media Recencio Book Reviews permite almacenar XSS. Este problema afecta a Recencio Book Reviews: desde n/a hasta 1.66.0.

29 Apr 2024, 05:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-29 05:15

Updated : 2026-04-01 16:17

NVD link : CVE-2024-33648

Mitre link : CVE-2024-33648

CVE.ORG link : CVE-2024-33648

JSON object : View

Products Affected

No product.

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

JSON object

Attach tags to CVE-2024-33648

Attach tags to `CVE-2024-33648`