1 results (0.020 seconds)
CVSS: 7.2EPSS: 94%CPEs: 2EXPL: 15
CVSS: 7.2EPSS: 94%CPEs: 2EXPL: 15CVE-2019-9978 – WordPress Social Warfare Plugin Cross-Site Scripting (XSS) Vulnerability
https://notcve.org/view.php?id=CVE-2019-9978
21 Mar 2019 — The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro. El plugin social-warfare, en versiones anteriores a la 3.5.3 para WordPress, tiene Cross-Site Scripting (XSS) persistente mediante el parámetro swp_url en wp-admin/admin-post.php?swp_debug=load_options, tal y como se explotó "in the wild" en marzo de 2019. • https://www.exploit-db.com/exploits/46794 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •