WP Maintenance <= 5.0.5 - CSRF to Stored XSS - No nonce protection on form submissions, leading to CSRF and no input/output sanitization allowing for XSS when exploited - PoC
Reporter | Title | Published | Views | Family All 6 |
---|---|---|---|---|
Prion | Cross site request forgery (csrf) | 26 Dec 201903:15 | – | prion |
CVE | CVE-2019-19979 | 26 Dec 201903:15 | – | cve |
wpexploit | WP Maintenance <= 5.0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting | 19 Nov 201900:00 | – | wpexploit |
Cvelist | CVE-2019-19979 | 26 Dec 201902:26 | – | cvelist |
Symantec | WordPress WP Maintenance Plugin CVE-2019-19979 Cross Site Request Forgery Vulnerability | 19 Nov 201900:00 | – | symantec |
NVD | CVE-2019-19979 | 26 Dec 201903:15 | – | nvd |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo