PT-2019-5209 · WordPress · Wordpress

Publicado

2019-09-11

·

Atualizado

2023-01-31

·

CVE-2019-16219

CVSS v3.1

6.1

Média

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions WordPress versions prior to 5.2.3
Description The issue is related to an error in the shortcode preview functionality of the WordPress content management system, allowing for XSS attacks. This could potentially enable a remote attacker to compromise data integrity.
Recommendations For versions prior to 5.2.3, update to version 5.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to shortcode previews until the update is applied.

Exploit

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

BDU:2020-01938
CVE-2019-16219
DLA-1960-1
DSA-4599-1
DSA-4677-1

Produtos afetados

Wordpress