PT-2019-19788 · Wordfence · Wordfence

Anthony Yalcin · Published 2019-04-25 · Updated 2024-08-04 · CVE-2019-9669

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Wordfence plugin version 7.2.3

Description

The issue concerns a potential XSS attack vector in the Wordfence plugin for WordPress. However, it has been noted that this may not be considered a valid vulnerability within the context of the Wordfence WordPress plugin, as the firewall rules are maintained on vendor servers and pushed to the plugin without versioning. Bypassing a WAF rule does not necessarily make a WordPress site vulnerable in terms of software vulnerabilities.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Weakness Enumeration

Related Identifiers

CVE-2019-9669

Affected Products

Wordfence