ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Postie plugin <= 1.9.40 - Stored Cross-Site Scripting (XSS) and post submission spoofing vulnerabilities

Product
Postie
Description
Stored Cross-Site Scripting (XSS) and post submission spoofing vulnerabilities found by V1n1v131r4 in WordPress Postie plugin (versions <= 1.9.40).
Solution
06.01.2020 - we were unable to find a patched version of this plugin.
Classification
Type Multi
References
Plugin changelog
CVE
Name CVE-2019-20204, 2019-20203
Versions
Affected In <= 1.9.40
Disclosure date
2020-01-06
Credits
V1n1v131r4
Submitter
ThreatPress