2 matches found
CVE-2019-17214
The CVE-2019-17214 entry concerns the WebARX WordPress plugin, version 1.3.0. Affected component: the plugin’s firewall logic; root cause described as firewall bypass achievable by appending &cc=1 to a URI. Documented impact indicates that the firewall protection can be bypassed, enabling an unau...
CVE-2019-17213
CVE-2019-17213 affects the WebARX plugin for WordPress (version 1.3.0). The connected records confirm an unauthenticated stored cross-site scripting (XSS) vulnerability that can be triggered via the URI or the X-Forwarded-For HTTP header. The root cause is an XSS flaw in how input in the request ...