Lucene search
Ramuel GallWPVDB-ID:B239D9E7-261F-4639-AAF7-E6A2295B9328HistoryJul 09, 2020 - 12:00 a.m.
KingComposer < 2.9.5 - Unauthenticated Reflected Cross-Site Scripting
2020-07-0900:00:00
Ramuel Gall
wpscan.com
14
EPSS
0.001
Percentile
48.4%
A reflected Cross-Site Scripting (XSS) Vulnerability in the KingComposer plugin through 2.9.4 for WordPress allows remote attackers to trick a victim into submitting an install_online_preset AJAX request containing base64-encoded JavaScript (in the kc-online-preset-data POST parameter) that is executed in the victim’s browser.
Related
patchstack
patchstack
prion
prion
Cross site scripting
2020-07-09 19:15:00
cvelist
cvelist
CVE-2020-15299
2020-07-09 18:13:45
checkpoint_advisories
checkpoint_advisories
WordPress KingComposer Plugin Cross-site Scripting (CVE-2020-15299)
2022-09-14 00:00:00
openvas
openvas
WordPress KingComposer Plugin <= 2.9.4 XSS Vulnerability
2020-07-13 00:00:00
nvd
nvd
CVE-2020-15299
2020-07-09 19:15:11
cve
cve
CVE-2020-15299
2020-07-09 19:15:11