CVE-2021-24759

The PDF.js Viewer WordPress plugin before 2.0.2 does not escape some of its shortcode and Gutenberg Block attributes, which could allow users with a role as low as Contributor to to perform Cross-Site Scripting attacks
References
Configurations

Configuration 1

cpe:2.3:a:pdf.js_viewer_project:pdf.js_viewer:*:*:*:*:*:wordpress:*:*

Information

Published : 2021-12-06 04:15

Updated : 2021-12-06 07:21


NVD link : CVE-2021-24759

Mitre link : CVE-2021-24759

Products Affected
No products.
CWE