CVE-2019-16520

Published: 2019-10-16T14:15Z

Last Modified: 2024-11-21T04:30Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The all-in-one-seo-pack plugin before 3.2.7 for WordPress (aka All in One SEO Pack) is susceptible to Stored XSS due to improper encoding of the SEO-specific description for posts provided by the plugin via unsafe placeholder replacement. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt