PT-2018-14719 · WordPress · Wp Editor.Md
H4Ckforjob
·
Published
2018-11-04
·
Updated
2018-12-11
·
CVE-2018-18919
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
WP Editor.md plugin version 10.0.1
Description
The issue allows for XSS via the comment area, which can be exploited to execute malicious scripts.
Recommendations
For WP Editor.md plugin version 10.0.1, update to a newer version that contains a fix for this issue.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wp Editor.Md