CVEs-PoC/2021/CVE-2021-24960.md

### [CVE-2021-24960](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24960)
![](https://img.shields.io/static/v1?label=Product&message=WordPress%20File%20Upload&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=wordpress-file-upload-pro&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=4.16.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brightgreen)

### Description

The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way that allows uploading of SVG files, which could be then be used for Cross-Site Scripting attacks

### POC

#### Reference
- https://plugins.trac.wordpress.org/changeset/2677722
- https://wpscan.com/vulnerability/18902832-2973-498d-808e-c75d1aedc11e

#### Github
- https://github.com/20142995/nuclei-templates