WordPress Plugin Vulnerabilities

Animate It < 2.3.6 - XSS

Description

The Animate It! WordPress plugin was affected by a XSS security vulnerability.

Affects Plugins

Plugin icon
animate-it
Fixed in 2.3.6

References

CVE
CVE-2019-17384
CVE
CVE-2019-17385
CVE
CVE-2019-17386

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
8.8 (high)

Miscellaneous

Verified
No
WPVDB ID
a7013100-bf2b-4e6b-9f2a-a04e40fcabf2

Timeline

Publicly Published
2019-07-27 (about 6 years ago)
Added
2019-10-09 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2024-03-07
Title
EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor < 3.9.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Wistia Block
Published
2024-03-01
Title
Calculated Fields Form Professional < 5.1.57 - Unauthenticated Stored Cross-Site Scripting
Published
2025-08-28
Title
List Subpages < 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via title Parameter
Published
2024-08-01
Title
MapPress Maps for WordPress < 2.93 - Admin+ Stored XSS via Map Settings
Published
2024-01-22
Title
Popup Box Pro < 20.9.0 - Admin+ Stored XSS