Greenshift < 5.0.0 - Author+ Stored XSS

2023-03-2700:00:00

wpscan.com

greenshift

plugin

stored xss

svg upload

0.001 Low

EPSS

Percentile

21.0%

The plugin does not sanitise uploaded SVG files, which could allow users with a role as low as Author to perform Stored Cross-Site Scripting attacks

CPENameOperatorVersion
greenshift-animation-and-page-builder-blockslt5.0.0

CPE	Name	Operator	Version
	greenshift-animation-and-page-builder-blocks	lt	5.0.0

0.001 Low

EPSS

Percentile

21.0%

Related for WPVDB-ID:C01E5914-460C-40DE-A45C-9FC870402EB6