3 matches found
WordPress Blog2Social plugin CVE-2019-9576 XSS
Description The Blog2Social WordPress plugin is vulnerable to reflected XSS as it echoes the b2supdatepublishdate parameter without proper encoding. Successful exploitation allows an attacker to execute JavaScript in the context of the application in the name of an attacked user. This in turn...
CVE-2019-9576
The Blog2Social plugin before 5.0.3 for WordPress allows wp-admin/admin.php?page=blog2social-ship XSS...
CVE-2019-9576
CVE-2019-9576 affects the WordPress Blog2Social plugin prior to 5.0.3. The underlying issue is a reflected XSS in wp-admin/admin.php?page=blog2social-ship via the b2s_update_publish_date parameter, which is echoed without proper encoding in the Loader.php path, enabling script execution in the at...