CVE

CVE-2019-16520

admin

CVE-2019-16520

The all-in-one-seo-pack plugin before 3.2.7 for WordPress (aka All in One SEO Pack) is susceptible to Stored XSS due to improper encoding of the SEO-specific description for posts provided by the plugin via unsafe placeholder replacement.

Source: CVE-2019-16520

Exit mobile version