Security Advisory

CVE-2019-9978

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-03-24 14:47:26

Last updated 2025-10-21 23:45:41

Assigner mitre

State PUBLISHED

Description

The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.

← Browse all CVEs View on cve.org ↗