Vulnerability Description
A stored XSS vulnerability in the Visualizer plugin 3.3.0 for WordPress allows an unauthenticated attacker to execute arbitrary JavaScript when an admin or other privileged user edits the chart via the admin dashboard. This occurs because classes/Visualizer/Gutenberg/Block.php registers wp-json/visualizer/v1/update-chart with no access control, and classes/Visualizer/Render/Page/Data.php lacks output sanitization.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Themeisle | Visualizer | <= 3.3.0 |
Related Weaknesses (CWE)
References
- https://nathandavison.com/blog/wordpress-visualizer-plugin-xss-and-ssrfExploitThird Party Advisory
- https://wordpress.org/plugins/visualizer/#developersProductRelease Notes
- https://wpvulndb.com/vulnerabilities/9893ExploitThird Party Advisory
- https://nathandavison.com/blog/wordpress-visualizer-plugin-xss-and-ssrfExploitThird Party Advisory
- https://wordpress.org/plugins/visualizer/#developersProductRelease Notes
- https://wpvulndb.com/vulnerabilities/9893ExploitThird Party Advisory
FAQ
What is CVE-2019-16931?
CVE-2019-16931 is a vulnerability with a CVSS score of 6.1 (MEDIUM). A stored XSS vulnerability in the Visualizer plugin 3.3.0 for WordPress allows an unauthenticated attacker to execute arbitrary JavaScript when an admin or other privileged user edits the chart via th...
How severe is CVE-2019-16931?
CVE-2019-16931 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-16931?
Check the references section above for vendor advisories and patch information. Affected products include: Themeisle Visualizer.