Skip to main content

Smooth Scroll Page Up Down Buttons

2 CVEs product

Monthly

CVE-2021-24418 MEDIUM POC This Month

The Smooth Scroll Page Up/Down Buttons WordPress plugin through 1.4 does not properly sanitise and validate its psb_positioning settings, allowing high privilege users such as admin to set an XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Smooth Scroll Page Up Down Buttons
NVD WPScan
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-24331 MEDIUM POC This Month

The Smooth Scroll Page Up/Down Buttons WordPress plugin before 1.4 did not properly sanitise and validate its settings, such as psb_distance, psb_buttonsize, psb_speed, only validating them client. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Smooth Scroll Page Up Down Buttons
NVD WPScan
CVSS 3.1
4.8
EPSS
0.7%
EPSS 1% CVSS 4.8
MEDIUM POC This Month

The Smooth Scroll Page Up/Down Buttons WordPress plugin through 1.4 does not properly sanitise and validate its psb_positioning settings, allowing high privilege users such as admin to set an XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Smooth Scroll Page Up Down Buttons
NVD WPScan
EPSS 1% CVSS 4.8
MEDIUM POC This Month

The Smooth Scroll Page Up/Down Buttons WordPress plugin before 1.4 did not properly sanitise and validate its settings, such as psb_distance, psb_buttonsize, psb_speed, only validating them client. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Smooth Scroll Page Up Down Buttons
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy