The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has CSRF with resultant XSS via wp-admin/admin-ajax.php?action=simple_fields_field_type_post_dialog_load plugnedit_width, pnemedcount, PlugneditBGColor, PlugneditEditorMargin, or plugneditcontent parameters.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-09-26T00:19:06
Updated: 2024-08-06T08:51:04.976Z
Reserved: 2019-09-25T00:00:00
Link: CVE-2015-9422
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-09-26T01:15:10.527
Modified: 2019-09-26T19:50:17.090
Link: CVE-2015-9422
Redhat
No data.