CVE-2021-24681

Name of the Vulnerable Software and Affected Versions Duplicate Page WordPress plugin versions 4.4.2 and earlier

Description The issue allows high privilege users to perform Stored Cross-Site Scripting attacks due to the lack of sanitization or escaping of the Duplicate Post Suffix settings before outputting it, even when the unfiltered html capability is disallowed.

Recommendations For Duplicate Page WordPress plugin versions 4.4.2 and earlier, update to a version later than 4.4.2 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.