CVE-2021-24418 - OpenCVE

The Smooth Scroll Page Up/Down Buttons WordPress plugin through 1.4 does not properly sanitise and validate its psb_positioning settings, allowing high privilege users such as admin to set an XSS payload in it, which will be executed in all pages of the blog

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Smooth Scroll Page Up\/down Buttons Project	Smooth Scroll Page Up\/down Buttons

Configuration 1 [-]

cpe:2.3:a:smooth_scroll_page_up\/down_buttons_project:smooth_scroll_page_up\/down_buttons:*:*:*:*:*:wordpress:*:*

No data.

References

Link	Providers
https://m0ze.ru/vulnerability/%5B2021-04-29%5D-%5BWordPress%5D-%5BCWE-79%5D-Smooth-Scroll-Page-UpDown-Buttons-WordPress-Plugin-v1.4.txt
https://wpscan.com/vulnerability/1512bba9-89e2-493d-b85d-10c7acb903db

History

No history.

MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2021-07-12T19:20:53

Updated: 2024-08-03T19:28:23.840Z

Reserved: 2021-01-14T00:00:00

Link: CVE-2021-24418

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-07-12T20:15:08.867

Modified: 2023-11-07T03:31:12.597

Link: CVE-2021-24418

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Smooth Scroll Page Up/Down Buttons", "vendor": "Mark Senff", "versions": [{"lessThanOrEqual": "1.4", "status": "affected", "version": "1.4", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "m0ze"}], "descriptions": [{"lang": "en", "value": "The Smooth Scroll Page Up/Down Buttons WordPress plugin through 1.4 does not properly sanitise and validate its psb_positioning settings, allowing high privilege users such as admin to set an XSS payload in it, which will be executed in all pages of the blog"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting (XSS)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-07-12T19:20:53", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://wpscan.com/vulnerability/1512bba9-89e2-493d-b85d-10c7acb903db"}, {"tags": ["x_refsource_MISC"], "url": "https://m0ze.ru/vulnerability/%5B2021-04-29%5D-%5BWordPress%5D-%5BCWE-79%5D-Smooth-Scroll-Page-UpDown-Buttons-WordPress-Plugin-v1.4.txt"}], "source": {"discovery": "UNKNOWN"}, "title": "Smooth Scroll Page Up/Down Buttons <= 1.4 - Authenticated Stored XSS via psb_positioning", "x_generator": "WPScan CVE Generator", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "contact@wpscan.com", "ID": "CVE-2021-24418", "STATE": "PUBLIC", "TITLE": "Smooth Scroll Page Up/Down Buttons <= 1.4 - Authenticated Stored XSS via psb_positioning"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Smooth Scroll Page Up/Down Buttons", "version": {"version_data": [{"version_affected": "<=", "version_name": "1.4", "version_value": "1.4"}]}}]}, "vendor_name": "Mark Senff"}]}}, "credit": [{"lang": "eng", "value": "m0ze"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Smooth Scroll Page Up/Down Buttons WordPress plugin through 1.4 does not properly sanitise and validate its psb_positioning settings, allowing high privilege users such as admin to set an XSS payload in it, which will be executed in all pages of the blog"}]}, "generator": "WPScan CVE Generator", "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79 Cross-site Scripting (XSS)"}]}]}, "references": {"reference_data": [{"name": "https://wpscan.com/vulnerability/1512bba9-89e2-493d-b85d-10c7acb903db", "refsource": "CONFIRM", "url": "https://wpscan.com/vulnerability/1512bba9-89e2-493d-b85d-10c7acb903db"}, {"name": "https://m0ze.ru/vulnerability/[2021-04-29]-[WordPress]-[CWE-79]-Smooth-Scroll-Page-UpDown-Buttons-WordPress-Plugin-v1.4.txt", "refsource": "MISC", "url": "https://m0ze.ru/vulnerability/[2021-04-29]-[WordPress]-[CWE-79]-Smooth-Scroll-Page-UpDown-Buttons-WordPress-Plugin-v1.4.txt"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T19:28:23.840Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://wpscan.com/vulnerability/1512bba9-89e2-493d-b85d-10c7acb903db"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://m0ze.ru/vulnerability/%5B2021-04-29%5D-%5BWordPress%5D-%5BCWE-79%5D-Smooth-Scroll-Page-UpDown-Buttons-WordPress-Plugin-v1.4.txt"}]}]}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2021-24418", "datePublished": "2021-07-12T19:20:53", "dateReserved": "2021-01-14T00:00:00", "dateUpdated": "2024-08-03T19:28:23.840Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:smooth_scroll_page_up\\/down_buttons_project:smooth_scroll_page_up\\/down_buttons:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "568004E8-0158-4310-B5C9-5C368CE7FF1A", "versionEndIncluding": "1.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Smooth Scroll Page Up/Down Buttons WordPress plugin through 1.4 does not properly sanitise and validate its psb_positioning settings, allowing high privilege users such as admin to set an XSS payload in it, which will be executed in all pages of the blog"}, {"lang": "es", "value": "El plugin de WordPress Smooth Scroll Page Up/Down Buttons versiones hasta 1.4, no sanea o comprueba apropiadamente su configuraci\u00f3n psb_positioning, permitiendo a usuarios con privilegios elevados, como el administrador, ajustar una carga \u00fatil XSS en ella, que ser\u00e1 ejecutada en todas las p\u00e1ginas del blog"}], "id": "CVE-2021-24418", "lastModified": "2023-11-07T03:31:12.597", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-07-12T20:15:08.867", "references": [{"source": "contact@wpscan.com", "url": "https://m0ze.ru/vulnerability/%5B2021-04-29%5D-%5BWordPress%5D-%5BCWE-79%5D-Smooth-Scroll-Page-UpDown-Buttons-WordPress-Plugin-v1.4.txt"}, {"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/1512bba9-89e2-493d-b85d-10c7acb903db"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "contact@wpscan.com", "type": "Primary"}]}