CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2019-19541 – ListingPro - WordPress Directory & Listing Theme < 2.0.14.5 - Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-19541
The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Best Day/Night field on the new listing submit page. El tema ListingPro versiones anteriores a v2.0.14.2 para WordPress, presenta una vulnerabilidad de tipo XSS persistente por medio del campo Best Day/Night en la página new listing submit. The ListingPro theme before v2.0.14.5 for WordPress has Persistent XSS via the Best Day/Night field on the new listing submit page. • https://wpvulndb.com/vulnerabilities/9974 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2019-19542 – ListingPro - WordPress Directory & Listing Theme < 2.0.14.5 - Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-19542
The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Good For field on the new listing submit page. El tema ListingPro versiones anteriores a v2.0.14.2 para WordPress, presenta una vulnerabilidad de tipo XSS persistente por medio del campo Good For en la página new listing submit. The ListingPro theme before v2.0.14.5 for WordPress has Persistent XSS via the Good For field on the new listing submit page. • https://wpvulndb.com/vulnerabilities/9974 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2019-19540 – ListingPro - WordPress Directory & Listing Theme < 2.0.14.5 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-19540
The ListingPro theme before v2.0.14.2 for WordPress has Reflected XSS via the What field on the homepage. El tema ListingPro versiones anteriores a v2.0.14.2 para WordPress, presenta una vulnerabilidad de tipo XSS reflejado por medio del campo What en la página de inicio. The ListingPro theme before v2.0.14.5 for WordPress has Reflected XSS via the What field on the homepage. • https://wpvulndb.com/vulnerabilities/9974 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •