Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:5 p.m.6 views

CVE-2021-24686

The SVG Support WordPress plugin before 2.3.20 does not escape the "CSS Class to target" setting before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS6AI score0.00654EPSS
Exploits2References1
OSV
OSV
added 2022/02/01 1:15 p.m.5 views

CVE-2021-24686

The SVG Support WordPress plugin before 2.3.20 does not escape the "CSS Class to target" setting before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.8AI score0.00654EPSS
Exploits2References2
NVD
NVD
added 2022/02/01 1:15 p.m.20 views

CVE-2021-24686

The SVG Support WordPress plugin before 2.3.20 does not escape the "CSS Class to target" setting before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS0.00654EPSS
Exploits2References2
Cvelist
Cvelist
added 2022/02/01 12:21 p.m.23 views

CVE-2021-24686 SVG Support < 2.3.20 - Admin+ Stored Cross-Site Scripting

The SVG Support WordPress plugin before 2.3.20 does not escape the "CSS Class to target" setting before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5AI score0.00654EPSS
Exploits2References2
CVE
CVE
added 2022/02/01 12:21 p.m.63 views

CVE-2021-24686

The CVE-2021-24686 entry concerns the WordPress SVG Support plugin prior to 2.3.20, where the plugin fails to escape the CSS Class to target setting when output in an attribute. This allows XSS by high-privilege users, even if unfiltered_html is disallowed. Public sources in connected docs confir...

4.8CVSS4.7AI score0.00654EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder