3 matches found
CVE-2021-24759
creationtimestamp| type| source ---|---|--- 2021-12-06 18:20:53+00:00| seen| https://t.me/cibsecurity/33382...
CVE-2021-24759
The CVE-2021-24759 affects the WordPress PDF.js Viewer plugin prior to 2.0.2. The issue is a lack of escaping for certain shortcode and Gutenberg Block attributes, enabling stored Cross-Site Scripting via inputs that could be submitted by users with a role as low as Contributor. Documented impact...
CVE-2021-24759 PDF.js Viewer < 2.0.2 - Contributor+ Stored Cross-Site Scripting
The PDF.js Viewer WordPress plugin before 2.0.2 does not escape some of its shortcode and Gutenberg Block attributes, which could allow users with a role as low as Contributor to to perform Cross-Site Scripting attacks...