Primary

Context

Ability Accessibility Suite Stored Cross-Site Scripting Vulnerability

Vulnerability

Patched

A stored cross-site scripting vulnerability has been identified in the Accessibility Suite by Online ADA, specifically in versions through 4.18. This issue arises from an unrestricted upload of files with dangerous types, allowing malicious users to upload harmful files that could be executed later.

Impact

Exploitation of this vulnerability allows for arbitrary file uploads, which could be used to upload malicious files such as backdoors that are executed to gain further access to the website.

Remediation

Users of the Accessibility Suite by Online ADA should update to version 4.19 or later. Patchstack users can enable auto-update for vulnerable plugins.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

10.0

exploitability

5.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

10.0

exploitability

5.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Ability Accessibility Suite Stored Cross-Site Scripting Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Ability Accessibility Suite

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating