How severe is CVE-2020-36919?

CVE-2020-36919 has a CVSS v3 score of 6.1 (MEDIUM).

CVE-2020-36919

6.1MEDIUM

WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter. Attackers can inject malicious scripts through the ListTable.php endpoint to execute

Publicado: 1/13/2026Actualizado: 1/14/2026

Descripción

WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter. Attackers can inject malicious scripts through the ListTable.php endpoint to execute arbitrary JavaScript in victim's browser.

Análisis IAImpulsado por IA

Referencias

https://wordpress.org/plugins/wpforms-lite
https://www.exploit-db.com/exploits/51152
https://www.vulncheck.com/advisories/wpforms-cross-site-scripting-xss