Lucene search
WpvulndbWPVDB-ID:29BDB558-50C5-49D9-ADE4-E2870C3129A1HistoryDec 10, 2019 - 12:00 a.m.
Scoutnet Kalender <= 1.1.0 - Stored Cross-Site Scripting (XSS)
2019-12-1000:00:00
wpscan.com
8
EPSS
0.002
Percentile
60.9%
The plugin does not sanitise the ‘Info’ field from embedded calendars (which are retrieved from Scoutnet and are not necessarily owned/managed by the administrator of the blog).
References
Related
patchstack
patchstack
nvd
nvd
CVE-2019-19198
2019-12-12 14:15:16
cve
cve
CVE-2019-19198
2019-12-12 14:15:16
prion
prion
Cross site scripting
2019-12-12 14:15:00
cvelist
cvelist
CVE-2019-19198
2019-12-12 13:55:34
packetstorm
packetstorm
WordPress Scoutnet Kalender 1.1.0 Cross Site Scripting
2019-12-10 00:00:00