Strix
26.1K

CVE-2021-24814

CRITICALCVSS 9.6/10EPSS 2.08%

Last modified

CVE-2021-24814 is a critical-severity vulnerability rated 9.6/10 on the CVSS scale. The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.26, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. Since an HTML payload isn't properly escaped, it may be interpreted by a web browser led to this endpoint. EPSS estimates a 2.08% chance of exploitation in the next 30 days.

Description

The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.26, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. Since an HTML payload isn't properly escaped, it may be interpreted by a web browser led to this endpoint. Javascript code may be executed on a victim's browser. If the victim is an administrator with a valid session cookie, full control of the WordPress instance may be taken (AJAX calls and iframe manipulation are possible because the vulnerable endpoint is on the same domain as the admin panel - there is no same-origin restriction).

Metrics

CVSS 3.1
9.6/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

EPSS Probability
2.08%

79.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
WelaunchWordpress Gdpr\&Ccpa<= 1.9.26

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2021-24814?
The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.26, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. Since an HTML payload isn't properly escaped, it may be interpreted by a web browser led to this endpoint. Javascript code may be executed on a victim's browser. If the victim is an administrator with a valid session cookie, full control of the WordPress instance may be taken (AJAX calls and iframe manipulation are possible because the vulnerable endpoint is on the same domain as the admin panel - there is no same-origin restriction).
How severe is CVE-2021-24814?
CVE-2021-24814 has a CVSS score of 9.6/10 (CRITICAL severity). The EPSS model estimates a 2.08% probability of exploitation in the next 30 days.
How do I fix CVE-2021-24814?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2021-24814?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST