Lucene search
WPScanCVELIST:CVE-2021-24759HistoryDec 06, 2021 - 3:55 p.m.
CVE-2021-24759 PDF.js Viewer < 2.0.2 - Contributor+ Stored Cross-Site Scripting
2021-12-0615:55:26
CWE-79
WPScan
www.cve.org
3
cve-2021-24759
pdf.js viewer
wordpress
stored cross-site scripting
contributor
cross-site scripting
EPSS
0.001
Percentile
24.8%
The PDF.js Viewer WordPress plugin before 2.0.2 does not escape some of its shortcode and Gutenberg Block attributes, which could allow users with a role as low as Contributor to to perform Cross-Site Scripting attacks
CNA Affected
[
{
"product": "PDF.js Viewer",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.0.2",
"status": "affected",
"version": "2.0.2",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2021-24759
2021-12-06 16:15:07
wpexploit
wpexploit
PDF.js Viewer < 2.0.2 - Contributor+ Stored Cross-Site Scripting
2021-11-08 00:00:00
cve
cve
CVE-2021-24759
2021-12-06 16:15:07
patchstack
patchstack
cnvd
cnvd
WordPress PDF.js Viewer plugin cross-site scripting vulnerability
2021-12-09 00:00:00
wpvulndb
wpvulndb
PDF.js Viewer < 2.0.2 - Contributor+ Stored Cross-Site Scripting
2021-11-08 00:00:00
prion
prion
Cross site scripting
2021-12-06 16:15:00