admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-29 17:50:34 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2019/CVE-2019-16522.md

21 lines
1.1 KiB
Markdown
Raw Normal View History

Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00
### [CVE-2019-16522](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16522)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
The eu-cookie-law plugin through 3.0.6 for WordPress (aka EU Cookie Law (GDPR)) is susceptible to Stored XSS due to improper encoding of several configuration options in the admin area and the displayed cookie consent message. This affects Font Color, Background Color, and the Disable Cookie text. An attacker with high privileges can attack other users.
### POC
#### Reference
- https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-01_WordPress_Plugin_EU_Cookie_Law
Update CVE sources 2024-06-09 00:33
2024-06-09 00:33:16 +00:00
- https://github.com/sbaresearch/advisories/tree/public/2019/SBA-ADV-20190913-01_WordPress_Plugin_EU_Cookie_Law
Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00
- https://wpvulndb.com/vulnerabilities/9918
Update CVE sources 2024-06-09 00:33
2024-06-09 00:33:16 +00:00
- https://wpvulndb.com/vulnerabilities/9918
Update Sun May 26 14:27:04 CEST 2024
2024-05-26 14:27:05 +02:00
#### Github
- https://github.com/SexyBeast233/SecBooks
Reference in New Issue Copy Permalink