Lucene search
GoogleOSV:CVE-2019-6112HistoryAug 14, 2020 - 2:15 p.m.
CVE-2019-6112
2020-08-1414:15:12
Google
osv.dev
8
A Cross-site scripting (XSS) vulnerability in /inc/class-search.php in the Sell Media plugin v2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the keyword parameter (aka $search_term or the Search field).
| CPE | Name | Operator | Version |
|---|---|---|---|
| sell-media | eq | 1.7 | |
| sell-media | eq | 1.2.6 | |
| sell-media | eq | 1.6.4 | |
| sell-media | eq | 2.0 | |
| sell-media | eq | 2.1.5 | |
| sell-media | eq | 1.9.6 | |
| sell-media | eq | 2.2.4 | |
| sell-media | eq | 2.0.1 | |
| sell-media | eq | 2.1.3 | |
| sell-media | eq | 2.1.1 |
Related
patchstack
patchstack
nvd
nvd
CVE-2019-6112
2020-08-14 14:15:12
wpvulndb
wpvulndb
Sell Media < 2.4.2 - Unauthenticated Reflected Cross-Site Scripting (XSS)
2020-08-14 00:00:00
cve
cve
CVE-2019-6112
2020-08-14 14:15:12
nuclei
nuclei
WordPress Sell Media 2.4.1 - Cross-Site Scripting
2020-08-16 15:22:28
wpexploit
wpexploit
Sell Media < 2.4.2 - Unauthenticated Reflected Cross-Site Scripting (XSS)
2020-08-14 00:00:00
cvelist
cvelist
CVE-2019-6112
2020-08-14 13:42:24
prion
prion
Cross site scripting
2020-08-14 14:15:00