CVE-2019-9978

The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.
Configurations

Configuration 1

cpe:2.3:a:warfareplugins:social_warfare:*:*:*:*:*:wordpress:*:*
cpe:2.3:a:warfareplugins:social_warfare_pro:*:*:*:*:*:wordpress:*:*

Information

Published : 2019-03-24 03:29

Updated : 2021-07-30 02:15


NVD link : CVE-2019-9978

Mitre link : CVE-2019-9978

CWE