Lucene search
WPScanCVELIST:CVE-2021-24541HistoryAug 16, 2021 - 10:48 a.m.
CVE-2021-24541 Wonder PDF Embed < 1.7 - Contributor+ Stored XSS
2021-08-1610:48:32
CWE-79
WPScan
www.cve.org
4
cve-2021-24541; wonder pdf embed; wordpress plugin; contributor; stored xss; security vulnerability
EPSS
0.001
Percentile
24.8%
The Wonder PDF Embed WordPress plugin before 1.7 does not escape parameters of its wonderplugin_pdf shortcode, which could allow users with a role as low as Contributor to perform Stored XSS attacks.
CNA Affected
[
{
"product": "Wonder PDF Embed",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.7",
"status": "affected",
"version": "1.7",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2021-24541
2021-08-16 11:15:09
patchstack
patchstack
prion
prion
Cross site scripting
2021-08-16 11:15:00
cve
cve
CVE-2021-24541
2021-08-16 11:15:09
wpexploit
wpexploit
Wonder PDF Embed < 1.7 - Contributor+ Stored XSS
2021-07-19 00:00:00
wpvulndb
wpvulndb
Wonder PDF Embed < 1.7 - Contributor+ Stored XSS
2021-07-19 00:00:00