WEB APPLICATION VULNERABILITIES Standard & Premium

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16223)

Description

WordPress before 5.2.3 allows XSS in post previews by authenticated users.

Remediation

References

Related Vulnerabilities

WordPress Plugin Age Gate Security Bypass (2.17.0)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3660)

WordPress Plugin Total Sales For Woocommerce Cross-Site Scripting (1.1)

WordPress Plugin Simple Personal Message SQL Injection (1.0.3)

GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23871)

Severity

Medium

Classification

CVE-2019-16223 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities