CVE-2019-20211
CVE-2019-20211
The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phone Number, or Website.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://cxsecurity.com/issue/WLB-2019120110https://cxsecurity.com/issue/WLB-2019120111https://cxsecurity.com/issue/WLB-2019120112https://themeforest.net/item/citybook-directory-listing-wordpress-theme/21694727https://themeforest.net/item/easybook-directory-listing-wordpress-theme/23206622https://themeforest.net/item/townhub-directory-listing-wordpress-theme/25019571https://wpvulndb.com/vulnerabilities/10013https://wpvulndb.com/vulnerabilities/10014https://wpvulndb.com/vulnerabilities/10018