SVG Support < 2.3.20 - Admin+ Stored Cross-Site Scripting
CVE-2021-24686

4.8MEDIUM

Key Information:

Vendor: Wordpress
Status: Svg Support
Vendor: CVE Published:; 1 February 2022

What is CVE-2021-24686?

The SVG Support WordPress plugin before 2.3.20 does not escape the "CSS Class to target" setting before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

References

https://wpscan.com/vulnerability/38018695-901d-48d9-b39a-...

x_refsource_MISC

https://plugins.trac.wordpress.org/changeset/2651929

x_refsource_CONFIRM

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 1, 2022
Vulnerability Reserved
Jan 14, 2021

Credit

Shivam Rai

Wordpress

What is CVE-2021-24686?

References

CVSS V3.1

Timeline

Credit