Security Advisory

CVE-2019-16520

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-10-16 13:58:06

Last updated 2024-08-05 01:17:40

Assigner mitre

State PUBLISHED

Description

The all-in-one-seo-pack plugin before 3.2.7 for WordPress (aka All in One SEO Pack) is susceptible to Stored XSS due to improper encoding of the SEO-specific description for posts provided by the plugin via unsafe placeholder replacement.

← Browse all CVEs View on cve.org ↗