CVE-2019-20210: XSS
First published: Mon Jan 13 2020(Updated: )
The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Reflected XSS via a search query.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cththemes Citybook | <2.3.4 | |
| Cththemes Easybook | <1.2.2 | |
| Cththemes Townhub | <1.0.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://cxsecurity.com/issue/WLB-2019120110
- https://cxsecurity.com/issue/WLB-2019120111
- https://cxsecurity.com/issue/WLB-2019120112
- https://themeforest.net/item/citybook-directory-listing-wordpress-theme/21694727
- https://themeforest.net/item/easybook-directory-listing-wordpress-theme/23206622
- https://themeforest.net/item/townhub-directory-listing-wordpress-theme/25019571
- https://wpvulndb.com/vulnerabilities/10013
- https://wpvulndb.com/vulnerabilities/10014
- https://wpvulndb.com/vulnerabilities/10018
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2019-20210.
What is the severity of CVE-2019-20210?
The severity of CVE-2019-20210 is medium (6.1).
Which software versions are affected by CVE-2019-20210?
The CTHthemes CityBook before version 2.3.4, TownHub before version 1.0.6, and EasyBook before version 1.2.2 themes for WordPress are affected by CVE-2019-20210.
How can the vulnerability CVE-2019-20210 be exploited?
CVE-2019-20210 can be exploited via a reflected XSS attack using a search query.
Are there any references available for CVE-2019-20210?
Yes, you can find more information about CVE-2019-20210 at the following references: [Link 1](https://cxsecurity.com/issue/WLB-2019120110), [Link 2](https://cxsecurity.com/issue/WLB-2019120111), [Link 3](https://cxsecurity.com/issue/WLB-2019120112).