How severe is CVE-2020-36919?

CVE-2020-36919 has a CVSS v3 score of 6.1 (MEDIUM).

CVE-2020-36919

6.1MEDIUM

WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter. Attackers can inject malicious scripts through the ListTable.php endpoint to execute

Published: 1/13/2026Updated: 1/14/2026

Description

WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter. Attackers can inject malicious scripts through the ListTable.php endpoint to execute arbitrary JavaScript in victim's browser.

AI AnalysisPowered by AI

References

https://wordpress.org/plugins/wpforms-lite
https://www.exploit-db.com/exploits/51152
https://www.vulncheck.com/advisories/wpforms-cross-site-scripting-xss