Published: 25/04/2019 Updated: 11/04/2024

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

The Wordfence plugin 7.2.3 for WordPress allows XSS via a unique attack vector. NOTE: It has been asserted that this is not a valid vulnerability in the context of the Wordfence WordPress plugin as the firewall rules are not maintained as part of the Wordfence software but rather it is a set of rules hosted on vendor servers and pushed to the plugin with no versioning associated. Bypassing a WAF rule doesn't make a WordPress site vulnerable (speaking in terms of software vulnerabilities)

Vulnerable Product	Search on Vulmon	Subscribe to Product
wordfence wordfence 7.2.3

Node Js CVE Automated Scrapper

CVE Scrapper v100 CVE Scrapper is a tool used to request vulnerability from the official CVE Website WHY ?! Because i wanted to build something easy to use from the command line to rapidly get vulnerability of a specifc technologie Plus, this process can be run automaticly using cron, so you can have a "daily" or "weekly" updates about the vulnerabilitie

Node Js CVE Automated Scrapper

CVE Scrapper v100 CVE Scrapper is a tool used to request vulnerability from the official CVE Website WHY ?! Because i wanted to build something easy to use from the command line to rapidly get vulnerability of a specifc technologie Plus, this process can be run automaticly using cron, so you can have a "daily" or "weekly" updates about the vulnerabilitie

CWE-79 https://www.edgescan.com/popular-wordpress-waf-bypass-zeroday-discovered-by-edgescan/https://nvd.nist.gov https://github.com/Eli0ttD0NATIEN/cve-parser

CVE-2019-9669

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect