{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-31119", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2024-03-28T06:58:24.005Z", "datePublished": "2026-03-20T09:07:26.652Z", "dateUpdated": "2026-03-20T09:07:26.652Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-20T09:07:26.652Z"}, "title": "WordPress Download Special Box for Content plugin <= 1 - Cross Site Scripting (XSS) vulnerability", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-79", "description": "CWE-79 Improper neutralization of input during web page generation ('cross-site scripting')", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-588", "descriptions": [{"lang": "en", "value": "CAPEC-588 DOM-Based XSS"}]}], "affected": [{"vendor": "Vasilis Triantafyllou", "product": "Special Box for Content", "collectionURL": "https://wordpress.org/plugins", "packageName": "special-box-for-content", "versions": [{"status": "affected", "version": "n/a", "lessThanOrEqual": "1", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Vasilis Triantafyllou Special Box for Content allows DOM-Based XSS.This issue affects Special Box for Content: from n/a through 1.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Vasilis Triantafyllou Special Box for Content allows DOM-Based XSS.<p>This issue affects Special Box for Content: from n/a through 1.</p>"}]}], "tags": ["x_open-source", "unsupported-when-assigned"], "references": [{"url": "https://patchstack.com/database/wordpress/plugin/special-box-for-content/vulnerability/wordpress-download-special-box-for-content-plugin-1-cross-site-scripting-xss-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseSeverity": "MEDIUM", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L"}}], "credits": [{"lang": "en", "value": "Cronus | Patchstack Bug Bounty Program", "user": "00000000-0000-4000-9000-000000000000", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}}}

{}

{"cveTags": [{"sourceIdentifier": "audit@patchstack.com", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Vasilis Triantafyllou Special Box for Content allows DOM-Based XSS.This issue affects Special Box for Content: from n/a through 1."}], "id": "CVE-2024-31119", "lastModified": "2026-03-20T10:16:17.790", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 3.7, "source": "audit@patchstack.com", "type": "Secondary"}]}, "published": "2026-03-20T10:16:17.790", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/wordpress/plugin/special-box-for-content/vulnerability/wordpress-download-special-box-for-content-plugin-1-cross-site-scripting-xss-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "audit@patchstack.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-03-20T10:21:54.861092+00:00", "value": {"mitigation_remediation": ["Check the vendor\u2019s website or official release channels for a security patch for Special Box for Content and apply it immediately.", "If a patch is unavailable, disable or delete the plugin from the WordPress installation to remove the vulnerability.", "Implement a Content Security Policy that restricts the execution of inline scripts or restricts script sources to trusted origins.", "Continuously monitor the plugin\u2019s repository or vendor advisories for future updates or additional mitigation guidance."], "summary": {"action": "Update Plugin", "impact": "DOM\u2011Based Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Special Box for Content plugin by Vasilis Triantafyllou, specifically all versions from the earliest (n/a) through version 1.0. All WordPress installations that have installed this plugin and have not applied a patch or upgraded to a non\u2011vulnerable version are potentially impacted.", "description_and_impact": "CVE-2024-31119 is a DOM\u2011based Cross\u2011Site Scripting (XSS) vulnerability in the WordPress Special Box for Content plugin. The injection flaw arises from improper neutralization of user input during web page generation, allowing an attacker to execute arbitrary JavaScript in the context of a victim\u2019s browser. As a result, an attacker could hijack user sessions, steal cookies, deface content, or redirect users to malicious sites. This weakness is catalogued as CWE\u201179 and poses a direct threat to confidentiality and data integrity for all users who interact with the affected plugin.", "risk_and_exploitability": "The CVSS score of 5.9 signifies moderate severity and the EPSS score is not available. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. Based on the description, the likely attack vector is an attacker crafting a malicious URL or form that injects payloads into the DOM when a victim visits a page containing the vulnerable plugin. No special privileges or authentication are required, which increases the risk for widespread exploitation."}}}}, "created": "2026-03-20T10:36:27.652861+00:00", "updated": "2026-03-20T10:36:27.652889+00:00", "vendors": []}