2 matches found
CVE-2019-19111
The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases langid parameter...
CVE-2019-19111
CVE-2019-19111 affects the WordPress wpForo Forum plugin version 1.6.5. The vulnerability is a reflected XSS arising from improper handling of the langid parameter in the admin page (wp-admin/admin.php?page=wpforo-phrases). The root cause is lack of proper validation/escaping of client-supplied d...