Back
WordPress UserPro plugin <= 4.9.33 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
- Product
- Userpro
- Description
- Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability found in WordPress UserPro plugin (versions <= 4.9.33).
- Solution
- 27 August 2019 - no patched version available.
- Classification
-
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
- References
-
Plugin changelog
- CVE
- Name CVE-2019-14470
- Versions
-
Affected In
<= 4.9.33
- Disclosure date
- 2019-08-27
- Submitter
- ThreatPress