CVE-2019-16217

Publication date

2019-09-11 13:07:40

Family

mitre

State

PUBLISHED

Description

WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upload_attachment is mishandled.