Lucene search

K
cvelistWPScanCVELIST:CVE-2021-24640
HistorySep 20, 2021 - 10:06 a.m.

CVE-2021-24640 Gutenslider < 5.2.0 - Contributor+ Stored XSS

2021-09-2010:06:46
CWE-79
WPScan
www.cve.org

0.001 Low

EPSS

Percentile

24.8%

The WordPress Slider Block Gutenslider plugin before 5.2.0 does not escape the minWidth attribute of a Gutenburg block, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks

CNA Affected

[
  {
    "product": "WordPress Slider Block Gutenslider",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "5.2.0",
        "status": "affected",
        "version": "5.2.0",
        "versionType": "custom"
      }
    ]
  }
]

0.001 Low

EPSS

Percentile

24.8%

Related for CVELIST:CVE-2021-24640