Lucene search
Veracode Vulnerability DatabaseVERACODE:22273HistoryJan 09, 2020 - 8:07 a.m.
Cross-Site Scripting (XSS)
2020-01-0908:07:52
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
EPSS
0.002
Percentile
64.3%
wordpress is vulnerable to cross-site scripting (XSS). An attacker can inject malicious script via the function parameters from the function wp_targeted_link_rel.
References
github.com/WordPress/wordpress-develop/commit/1f7f3f1f59567e2504f0fbebd51ccf004b3ccb1d
github.com/WordPress/wordpress-develop/security/advisories/GHSA-xvg2-m2f4-83m7
hackerone.com/reports/509930
wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
wpvulndb.com/vulnerabilities/9975
Related
hackerone
hackerone
WordPress: Potential unprivileged Stored XSS through wp_targeted_link_rel
2019-03-14 21:37:27
wpvulndb
wpvulndb
WordPress <= 5.3 - Authenticated Stored XSS via Crafted Links
2019-12-13 00:00:00
wpexploit
wpexploit
WordPress <= 5.3 - Authenticated Stored XSS via Crafted Links
2019-12-13 00:00:00
cvelist
cvelist
CVE-2019-16773
2020-01-09 02:00:16
nvd
nvd
CVE-2019-16773
2020-01-09 02:15:13
cve
cve
CVE-2019-16773
2020-01-09 02:15:13
openvas
openvas
WordPress Multiple Vulnerabilities (Dec 2019) - Windows
2019-12-16 00:00:00
WordPress Multiple Vulnerabilities (Dec 2019) - Linux
2019-12-16 00:00:00