ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CVE
Google Cloud Platform (GCP)
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 9.0 Enterprise and CVE 10.21.2021.
Change versions here.
Home
Mapping Frameworks
CVE Home
n/a
CVE
CVE-2019-11886
Mappings
The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-customizer) plugin before 7.2.1 for WordPress allows yp_option_update CSRF, as demonstrated by use of yp_remote_get to obtain admin access.
Mappings
ATT&CK Version
9.0
ATT&CK Domain
Enterprise
CVE
10.21.2021
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
CVE-2019-11886
n/a
uncategorized
T1189
Drive-by Compromise
CVE-2019-11886
n/a
uncategorized
T1203
Exploitation for Client Execution