2 matches found
CVE-2019-16219
WordPress before 5.2.3 allows XSS in shortcode previews...
CVE-2019-16222
WordPress before 5.2.3 has an issue with URL sanitization in wpksesbadprotocolonce in wp-includes/kses.php that can lead to cross-site scripting XSS attacks...