Lucene search
MitreCVELIST:CVE-2019-16931HistoryOct 03, 2019 - 6:34 p.m.
CVE-2019-16931
2019-10-0318:34:45
mitre
www.cve.org
4
A stored XSS vulnerability in the Visualizer plugin 3.3.0 for WordPress allows an unauthenticated attacker to execute arbitrary JavaScript when an admin or other privileged user edits the chart via the admin dashboard. This occurs because classes/Visualizer/Gutenberg/Block.php registers wp-json/visualizer/v1/update-chart with no access control, and classes/Visualizer/Render/Page/Data.php lacks output sanitization.
Related
nuclei
nuclei
WordPress Visualizer <3.3.1 - Cross-Site Scripting
2022-05-11 06:26:12
wpexploit
wpexploit
Visualizer < 3.3.1 - Stored Cross-Site Scripting (XSS)
2019-09-28 00:00:00
nvd
nvd
CVE-2019-16931
2019-10-03 19:15:09
cve
cve
CVE-2019-16931
2019-10-03 19:15:09
wpvulndb
wpvulndb
Visualizer < 3.3.1 - Stored Cross-Site Scripting (XSS)
2019-09-28 00:00:00
prion
prion
Cross site scripting
2019-10-03 19:15:00
openvas
openvas
WordPress Visualizer Plugin < 3.3.1 Multiple Vulnerabilities
2019-10-02 00:00:00