Lucene search

K
wpvulndbRyan DewhurstWPVDB-ID:D150F43F-6030-4191-98B8-20AE05585936
HistoryMar 13, 2019 - 12:00 a.m.

WordPress 3.9-5.1 - Comment Cross-Site Scripting (XSS)

2019-03-1300:00:00
Ryan Dewhurst
wpscan.com
76

0.837 High

EPSS

Percentile

98.5%

According to WordPress: “This release also includes a pair of security fixes that handle how comments are filtered and then stored in the database. With a maliciously crafted comment, a WordPress post was vulnerable to cross-site scripting.”

0.837 High

EPSS

Percentile

98.5%