A Stored XSS vulnerability has been found in the administration page of the WTI Like Post plugin through 1.4.5 for WordPress. Once the administrator has submitted the data, the script stored is executed for all the users visiting the website.
References
Link | Resource |
---|---|
https://wordpress.org/plugins/wti-like-post/#developers | Product Third Party Advisory |
https://wpvulndb.com/vulnerabilities/10210 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-05-05T15:03:18
Updated: 2020-05-05T15:03:18
Reserved: 2020-02-07T00:00:00
Link: CVE-2020-8799
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-05-05T16:15:11.663
Modified: 2020-05-07T19:32:32.670
Link: CVE-2020-8799
JSON object: View
Redhat Information
No data.
CWE