CVE-2021-24331

CVE-2021-24331: Smooth Scroll Page Up/Down Buttons < 1.4 - Authenticated Stored XSS

Vendor Unknown
Product Smooth Scroll Page Up/Down Buttons
Weakness CWE-79 · XSS
Published June 1, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Smooth Scroll Page Up/Down Buttons WordPress plugin before 1.4 did not properly sanitise and validate its settings, such as psb_distance, psb_buttonsize, psb_speed, only validating them client side. This could allow high privilege users (such as admin) to set XSS payloads in them

Key dates

02Disclosure timeline

June 1, 2021 CVE published
August 3, 2024 Record updated