3 matches found
CVE-2019-17071
The client-dash aka Client Dash plugin 2.1.4 for WordPress allows XSS...
Client Dash <= 2.2.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings
Description The Client Dash plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2019-17071
The CVE-2019-17071 entry concerns the WordPress Client Dash plugin (version 2.1.4) which is vulnerable to Cross-Site Scripting (XSS). Connected documents detail that this vulnerability is a stored XSS via admin settings, exploitable by authenticated attackers with administrator-level privileges (...