CVE-2021-24686

The SVG Support WordPress plugin before 2.3.20 does not escape the "CSS Class to target" setting before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.8 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
WPScanCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
VendorProductVersion
benbodhisvg_support
𝑥
< 2.3.20
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://plugins.trac.wordpress.org/changeset/2651929
https://wpscan.com/vulnerability/38018695-901d-48d9-b39a-7c00df7f0a4b
https://plugins.trac.wordpress.org/changeset/2651929
https://wpscan.com/vulnerability/38018695-901d-48d9-b39a-7c00df7f0a4b