Lucene search
China National Vulnerability DatabaseCNVD-2022-09989HistoryFeb 10, 2022 - 12:00 a.m.
WordPress SVG Support plugin cross-site scripting vulnerability
2022-02-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
0.001 Low
EPSS
Percentile
21.4%
WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. WordPress SVG Support plugin in versions prior to 2.3.20 suffers from a cross-site scripting vulnerability, which stems from a lack of data validation filtering of user-supplied data and output. An attacker could use this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress svg support plugin | lt | 2.3.20 |
Related
nvd
nvd
CVE-2021-24686
2022-02-01 13:15:08
wpvulndb
wpvulndb
SVG Support < 2.3.20 - Admin+ Stored Cross-Site Scripting
2022-01-03 00:00:00
prion
prion
Cross site scripting
2022-02-01 13:15:00
wpexploit
wpexploit
SVG Support < 2.3.20 - Admin+ Stored Cross-Site Scripting
2022-01-03 00:00:00
patchstack
patchstack
cvelist
cvelist
CVE-2021-24686 SVG Support < 2.3.20 - Admin+ Stored Cross-Site Scripting
2022-02-01 12:21:19
cve
cve
CVE-2021-24686
2022-02-01 13:15:08
openvas
openvas
WordPress SVG Support Plugin < 2.3.20 XSS Vulnerability
2022-02-08 00:00:00