WordPress File Upload plugin vulnerability allowing Contributor+ role to upload malicious SVG files for Cross-Site Scripting
Reporter | Title | Published | Views | Family All 8 |
---|---|---|---|---|
wpexploit | WordPress File Upload < 4.16.3 - Contributor+ Stored Cross-Site Scripting via Malicious SVG | 14 Feb 202200:00 | – | wpexploit |
Patchstack | WordPress File Upload plugin <= 4.16.2 - Stored Cross-Site Scripting (XSS) via Malicious SVG vulnerability | 14 Feb 202200:00 | – | patchstack |
Patchstack | WordPress File Upload Pro premium plugin <= 4.16.2 - Stored Cross-Site Scripting (XSS) via Malicious SVG vulnerability | 14 Feb 202200:00 | – | patchstack |
CVE | CVE-2021-24960 | 7 Mar 202209:15 | – | cve |
NVD | CVE-2021-24960 | 7 Mar 202209:15 | – | nvd |
CNVD | WordPress File Upload plugin cross-site scripting vulnerability (CNVD-2023-04631) | 9 Mar 202200:00 | – | cnvd |
Prion | Cross site scripting | 7 Mar 202209:15 | – | prion |
Cvelist | CVE-2021-24960 WordPress File Upload < 4.16.3 - Contributor+ Stored Cross-Site Scripting via Malicious SVG | 7 Mar 202208:16 | – | cvelist |
Source | Link |
---|---|
plugins | www.plugins.trac.wordpress.org/changeset/2677722 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo