{"vulnerability": "CVE-2019-18834", "sightings": [{"uuid": "79aae058-0a63-4f37-a5bf-c209898a99a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-18834", "type": "seen", "source": "https://t.me/cibsecurity/13643", "content": "ATENTION\u203c New - CVE-2019-18834\n\nPersistent XSS in the WooCommerce Subscriptions plugin before 2.6.3 for WordPress allows remote attackers to execute arbitrary JavaScript because Billing Details are mishandled in WCS_Admin_Post_Types in class-wcs-admin-post-types.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-24T00:55:23.000000Z"}]}