2 matches found
CVE-2019-16289
The insert-php aka Woody ad snippets plugin before 2.2.8 for WordPress allows authenticated XSS via the winpitem parameter...
CVE-2019-16289
CVE-2019-16289 concerns the WordPress plugin insert-php (Woody ad snippets) , affected versions prior to 2.2.8. The vulnerability allows authenticated Cross-Site Scripting (XSS) through the winp_item parameter . Red Hat and CVE listings consistently describe the issue as an authenticated XSS flaw...