CVE-2019-16217

2019-09-11T14:15:00
ID CVE-2019-16217
Type cve
Reporter cve@mitre.org
Modified 2019-10-17T23:15:00

Description

WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled.