cve/2021/CVE-2021-24961.md

### [CVE-2021-24961](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24961)
![](https://img.shields.io/static/v1?label=Product&message=WordPress%20File%20Upload&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=wordpress-file-upload-pro&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=4.16.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross-site%20Scripting%20(XSS)&color=brightgreen)

### Description

The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 does not escape some of its shortcode argument, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks

### POC

#### Reference
- https://plugins.trac.wordpress.org/changeset/2677722
- https://wpscan.com/vulnerability/c911bbbd-0196-4e3d-ada3-4efb8a339954

#### Github
- https://github.com/20142995/nuclei-templates