Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2019-20042
Disclosure Date: December 27, 2019 (last updated October 06, 2023)
In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function wp_targeted_link_rel() can be used in a particular way to result in a stored cross-site scripting (XSS) vulnerability. This has been patched in WordPress 5.3.1, along with all the previous WordPress versions from 3.7 to 5.3 via a minor release.
0
Attacker Value
Unknown
Stored cross-site scripting (XSS) in WordPress through 'wp_targeted_link_rel'
Disclosure Date: February 07, 2019 (last updated November 08, 2023)
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-20042. Reason: This candidate is a duplicate of CVE-2019-20042. Notes: All CVE users should reference CVE-2019-20042 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
0