[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$feqI9x3fExDHGgAMBvXpIXEUUX5kJdP7Tnf6LQCGF6rU":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2019-17515","spam-protection-antispam-firewall-by-cleantalk-reflected-cross-site-scripting-4","Spam protection, AntiSpam, FireWall by CleanTalk \u003C= 5.127.3 - Reflected Cross-Site Scripting","The CleanTalk cleantalk-spam-protect plugin before 5.127.4 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the from or till parameter. The component is: inc\u002Fcleantalk-users.php and inc\u002Fcleantalk-comments.php. The attack vector is: When the Administrator is logged in, a reflected XSS may execute upon a click on a malicious URL.","cleantalk-spam-protect",null,"\u003C=5.127.3","5.127.4","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2019-11-12 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff3855918-960e-487d-9d5f-6dbeba45523e?source=api-prod",1533]