The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-03-24T14:47:26
Updated: 2021-07-27T16:06:12
Reserved: 2019-03-24T00:00:00
Link: CVE-2019-9978
JSON object: View
NVD Information
Status : Modified
Published: 2019-03-24T15:29:00.243
Modified: 2021-07-30T14:15:12.840
Link: CVE-2019-9978
JSON object: View
Redhat Information
No data.
CWE