2 matches found
CVE-2019-6029
CVE-2019-6029 affects the WordPress plugin “Custom Body Class” (versions ≤ 0.6.0). The vulnerability is a Cross-site Scripting (CWE-79) flaw in which insufficient input validation allows remote attackers to inject arbitrary scripts/HTML via unspecified vectors, potentially executing code in the l...
CVE-2019-6030
The CVE-2019-6030 entry concerns the WordPress plugin Custom Body Class (v0.6.0 and earlier). A CSRF flaw in this plugin could allow remote attackers to hijack an administrator’s session and perform actions with admin privileges through unspecified vectors. Exploitation details are not provided i...