Description
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.
Remediation
References
Related Vulnerabilities
WordPress Plugin Ocean Extra Cross-Site Scripting (1.9.4)
Apache HTTP Server Improper Authentication Vulnerability (CVE-2017-3167)
WordPress Plugin WP Subtitle Unspecified Vulnerability (2.5)
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-12466)
WordPress Plugin Bulk change of posts terms and post types Cross-Site Scripting (1.0)