Medium severity5.4NVD Advisory· Published Jan 2, 2020· Updated Jun 17, 2026
CVE-2019-20204
CVE-2019-20204
Description
The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by a certain payload with jaVasCript:/* at the beginning and a crafted SVG element.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Postie plugindescription
Patches
Vulnerability mechanics
References
5- packetstormsecurity.com/files/155973/WordPress-Postie-1.9.40-Cross-Site-Scripting.htmlnvdExploitThird Party AdvisoryVDB Entry
- github.com/V1n1v131r4/Exploiting-Postie-WordPress-Plugin-/blob/master/README.mdnvdExploitThird Party Advisory
- wordpress.org/plugins/postie/nvdRelease NotesVendor Advisory
- wpvulndb.com/vulnerabilities/10002nvdThird Party Advisory
- postieplugin.comnvdProduct
News mentions
0No linked articles in our index yet.