How severe is CVE-2020-36919?

CVE-2020-36919 has a CVSS v3 score of 6.1 (MEDIUM).

CVE-2020-36919

6.1MEDIUM

WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter. Attackers can inject malicious scripts through the ListTable.php endpoint to execute

게시됨: 1/13/2026업데이트됨: 1/14/2026

설명

WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter. Attackers can inject malicious scripts through the ListTable.php endpoint to execute arbitrary JavaScript in victim's browser.

AI 분석AI 기반

참조

https://wordpress.org/plugins/wpforms-lite
https://www.exploit-db.com/exploits/51152
https://www.vulncheck.com/advisories/wpforms-cross-site-scripting-xss