CVE-2020-7239 - The conversation-watson plugin before 0.8.21 for WordPress has a DOM-based XSS vulnerability that is

CVE-2020-7239

Summary

The conversation-watson plugin before 0.8.21 for WordPress has a DOM-based XSS vulnerability that is executed when a chat message containing JavaScript is sent.

References

https://wordpress.org/plugins/conversation-watson/#developers
https://wpvulndb.com/vulnerabilities/10035
https://www.hooperlabs.xyz/disclosures/cve-2020-7239.php

Vulnerable Configurations

CVSS

Base:	5.0
Impact:
Exploitability:

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

21-01-2020 - 05:15

Published

21-01-2020 - 05:15

Last modified

21-01-2020 - 13:19