4 matches found
CVE-2019-14795
The toggle-the-title aka Toggle The Title plugin 1.4 for WordPress has XSS via the wp-admin/admin-ajax.php?action=updatetitleoptions isAutoSaveValveChecked or isDisableAllPagesValveChecked parameter...
CVE-2019-14795
The toggle-the-title aka Toggle The Title plugin 1.4 for WordPress has XSS via the wp-admin/admin-ajax.php?action=updatetitleoptions isAutoSaveValveChecked or isDisableAllPagesValveChecked parameter...
CVE-2019-14795
The toggle-the-title aka Toggle The Title plugin 1.4 for WordPress has XSS via the wp-admin/admin-ajax.php?action=updatetitleoptions isAutoSaveValveChecked or isDisableAllPagesValveChecked parameter...
CVE-2019-14795
Summary: CVE-2019-14795 affects the WordPress plugin “Toggle The Title” (version 1.4) and enables a stored/ reflected cross-site scripting (XSS) via admin-ajax.php?action=update_title_options with parameters isAutoSaveValveChecked or isDisableAllPagesValveChecked. This vulnerability is documented...