Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2019-19134
HistoryFeb 26, 2020 - 2:51 p.m.

CVE-2019-19134

2020-02-2614:51:33
mitre
www.cve.org

0.002 Low

EPSS

Percentile

58.6%

JSON

The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to unauthenticated XSS via the views/dashboard/index.php p parameter because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to inject HTML or arbitrary JavaScript within the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based tokens or to launch other attacks.

Related

cve 1
nuclei 1
patchstack 1
nvd 1
wpexploit 1
wpvulndb 1
prion 1
cve
cve
CVE-2019-19134
2020-02-26 15:15:11
nuclei
nuclei
WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting
2021-07-15 11:40:17
patchstack
patchstack
WordPress Hero Maps Premium plugin <= 2.2.1 - Unauthenticated Cross-Site Scripting (XSS) vulnerability
2020-02-25 00:00:00
nvd
nvd
CVE-2019-19134
2020-02-26 15:15:11
wpexploit
wpexploit
Hero Maps Premium < 2.2.3 - Unauthenticated Reflected Cross-Site Scripting (XSS)
2020-02-25 00:00:00
wpvulndb
wpvulndb
Hero Maps Premium < 2.2.3 - Unauthenticated Reflected Cross-Site Scripting (XSS)
2020-02-25 00:00:00
prion
prion
Input validation
2020-02-26 15:15:00

0.002 Low

EPSS

Percentile

58.6%

JSON
Related for CVELIST:CVE-2019-19134
cve1nuclei1patchstack1nvd1wpexploit1wpvulndb1prion1