Stored XSS Vulnerabilities in Motors - Car Dealer & Classified Ads Plugin by WordPress
CVE-2019-17229
6.1MEDIUM
Key Information:
- Vendor
Wordpress
- Vendor
- CVE Published:
- 24 February 2020
What is CVE-2019-17229?
The Motors - Car Dealer & Classified Ads plugin for WordPress, specifically includes/options.php, contains multiple vulnerabilities that allow attackers to exploit stored cross-site scripting (XSS) issues. These vulnerabilities can allow unauthorized users to inject malicious scripts into web pages viewed by other users, potentially leading to data theft and compromised user sessions.