How severe is CVE-2020-36919?

CVE-2020-36919 has a CVSS v3 score of 6.1 (MEDIUM).

CVE-2020-36919

6.1MEDIUM

WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter. Attackers can inject malicious scripts through the ListTable.php endpoint to execute

发布于: 1/13/2026更新于: 1/14/2026

描述

WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter. Attackers can inject malicious scripts through the ListTable.php endpoint to execute arbitrary JavaScript in victim's browser.

AI分析AI驱动

参考资料

https://wordpress.org/plugins/wpforms-lite
https://www.exploit-db.com/exploits/51152
https://www.vulncheck.com/advisories/wpforms-cross-site-scripting-xss