EPSS
Percentile
21.4%
Stored Cross-Site Scripting (XSS) via Malicious SVG vulnerability discovered by apple502j in WordPress File Upload plugin (versions <= 4.16.2).
Update the WordPress File Upload plugin to the latest available version (at least 4.16.3).
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24960
wordpress.org/plugins/wp-file-upload/#developers
wpscan.com/vulnerability/18902832-2973-498d-808e-c75d1aedc11e