subject:"\[FD\] KingComposer 2.7.6 \- Reflected XSS \(WordPress Plugin\)"

Re: [FD] KingComposer 2.7.6 - Reflected XSS (WordPress Plugin)

2019-03-22 Thread Henri Salo

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Tue, Feb 05, 2019 at 04:27:46PM +0100, Tim Coen wrote: > https://security-consulting.icu/blog/2019/02/wordpress-kingcomposer-xss/ MITRE assigned CVE-2019-9910 for this vulnerability. - -- Henri Salo -BEGIN PGP SIGNATURE-

[FD] KingComposer 2.7.6 - Reflected XSS (WordPress Plugin)

2019-02-05 Thread Tim Coen

* Vulnerability: XSS * Affected Software: [KingComposer](https://wordpress.org/plugins/kingcomposer/) * Affected Version: 2.7.6 * Patched Version: none * CVE: not requested * Risk: Medium * Vendor Contacted: 10/25/2018 * Vendor Fix: none * Public Disclosure: 02/05/2019 *