Medium severity6.1NVD Advisory· Published Aug 14, 2020· Updated Jun 17, 2026
CVE-2019-6112
CVE-2019-6112
Description
A Cross-site scripting (XSS) vulnerability in /inc/class-search.php in the Sell Media plugin v2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the keyword parameter (aka $search_term or the Search field).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Sell Media plugindescription
Patches
Vulnerability mechanics
References
2- github.com/graphpaperpress/Sell-Media/commit/8ac8cebf332e0885863d0a25e16b4b180abedc47nvdPatchThird Party Advisory
- metamorfosec.com/Files/Advisories/METS-2020-001-A_XSS_Vulnerability_in_Sell_Media_Plugin_v2.4.1_for_WordPress.txtnvdThird Party Advisory
News mentions
0No linked articles in our index yet.