Description WordPress before 5.2.4 is vulnerable to stored XSS (cross-site scripting) via the Customizer. Remediation References CVE-2019-17674 Related Vulnerabilities Atlassian Jira Incorrect Authorization Vulnerability (CVE-2020-36238) Magento Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2019-8232) Oracle JRE CVE-2022-21341 Vulnerability (CVE-2022-21341) Oracle Database Server CVE-2014-2406 Vulnerability (CVE-2014-2406) WordPress Cryptographic Issues Vulnerability (CVE-2014-9037) Severity Medium Classification CVE-2019-17674 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities