14 matches found
EUVD-2019-7030
Malware in sbrugna...
WordPress 3.8.x < 3.8.30 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability in post previews by contributors. - A cross-site scripting XSS vulnerability in stored comments. - An unspecified issue with...
WordPress 5.0.x < 5.0.6 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A cross-site scripting XSS vulnerability in post previews by contributors. - A cross-site scripting XSS vulnerability in stored comments. - An unspecified issue with...
CVE-2019-16218
WordPress before 5.2.3 allows XSS in stored comments...
CVE-2019-16218
WordPress before 5.2.3 allows XSS in stored comments...
Cross site scripting
WordPress before 5.2.3 allows XSS in stored comments...
UBUNTU-CVE-2019-16218
WordPress before 5.2.3 allows XSS in stored comments...
CVE-2019-16218
WordPress before 5.2.3 allows XSS in stored comments...
CVE-2019-16218
WordPress before 5.2.3 allows XSS in stored comments...
CVE-2019-16218
WordPress before 5.2.3 allows XSS in stored comments...
CVE-2019-16218
CVE-2019-16218 affects WordPress prior to 5.2.3, where stored comments can trigger XSS. Root cause is an input handling flaw in comments that allows script injection. The issue is documented in the CVE entry as WordPress before 5.2.3 allows XSS in stored comments. Public references indicate WordP...
PT-2019-5208 · WordPress · Wordpress
Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.2.3 Description: The issue is related to an error in handling stored comments, allowing for XSS attacks. This could potentially enable a remote attacker to impact data integrity. Recommendations: For WordPress...
WordPress 5.2.2 - Authenticated Cross-Site Scripting (XSS) in Post Previews
Description From the WordPress version release: "Props to Simon Scannell of RIPS Technologies for finding and disclosing two issues. The first, a cross-site scripting XSS vulnerability found in post previews by contributors. The second was a cross-site scripting vulnerability in stored comments."...
DEBIAN-CVE-2015-8834
Cross-site scripting XSS vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a long comment that is improperly stored because of limitations on the MySQL TEXT data type. NOTE: this vulnerability exists because of an...