CVE-2021-24693: Simple Download Monitor < 3.9.5 - Contributor+ Stored Cross-Site Scripting via File Thumbnail
First published: Mon Nov 08 2021(Updated: )
The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the "File Thumbnail" post meta before outputting it in some pages, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks. Given the that XSS is triggered even when the Download is in a review state, contributor could make JavaScript code execute in a context of a reviewer such as admin and make them create a rogue admin account, or install a malicious plugin
Credit: contact@wpscan.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tipsandtricks-hq Simple Download Monitor | <3.9.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-24693.
What is the severity of CVE-2021-24693?
CVE-2021-24693 has a severity of critical (9).
What is the affected software for CVE-2021-24693?
The affected software for CVE-2021-24693 is the Simple Download Monitor WordPress plugin version up to and excluding 3.9.5.
What is the CWE classification for CVE-2021-24693?
CVE-2021-24693 is classified under CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
How can this vulnerability be exploited?
This vulnerability can be exploited by users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/references
- agent/severity
- agent/tags
- agent/event
- agent/description
- agent/first-publish-date
- vendor/tipsandtricks-hq
- canonical/tipsandtricks-hq simple download monitor