Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2019-16931
HistoryOct 03, 2019 - 6:34 p.m.

CVE-2019-16931

2019-10-0318:34:45
mitre
www.cve.org

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.9%

JSON

A stored XSS vulnerability in the Visualizer plugin 3.3.0 for WordPress allows an unauthenticated attacker to execute arbitrary JavaScript when an admin or other privileged user edits the chart via the admin dashboard. This occurs because classes/Visualizer/Gutenberg/Block.php registers wp-json/visualizer/v1/update-chart with no access control, and classes/Visualizer/Render/Page/Data.php lacks output sanitization.

Related

wpexploit 1
nvd 1
cve 1
wpvulndb 1
prion 1
nuclei 1
openvas 1
wpexploit
wpexploit
Visualizer < 3.3.1 - Stored Cross-Site Scripting (XSS)
2019-09-28 00:00:00
nvd
nvd
CVE-2019-16931
2019-10-03 19:15:09
cve
cve
CVE-2019-16931
2019-10-03 19:15:09
wpvulndb
wpvulndb
Visualizer < 3.3.1 - Stored Cross-Site Scripting (XSS)
2019-09-28 00:00:00
prion
prion
Cross site scripting
2019-10-03 19:15:00
nuclei
nuclei
WordPress Visualizer <3.3.1 - Cross-Site Scripting
2022-05-11 06:26:12
openvas
openvas
WordPress Visualizer Plugin < 3.3.1 Multiple Vulnerabilities
2019-10-02 00:00:00

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.9%

JSON
Related for CVELIST:CVE-2019-16931
wpexploit1nvd1cve1wpvulndb1prion1nuclei1openvas1