Lucene search
CVE-2020-36172
The Advanced Custom Fields plugin for WordPress before 5.8.12 mishandles string escaping in Select2 dropdowns, leading to potential XSS
Show more
| Reporter | Title | Published | Views | Family All 5 |
|---|---|---|---|---|
 | CVE-2020-36172 | 6 Jan 202114:17 | – | cvelist |
 | Advanced Custom Fields < 5.8.12 - Cross-Site Scripting in Select2 dropdowns | 6 Jan 202100:00 | – | wpvulndb |
 | Cross site scripting | 6 Jan 202115:15 | – | prion |
 | CVE-2020-36172 | 6 Jan 202115:15 | – | nvd |
 | WordPress Advanced Custom Fields plugin <= 5.8.11 - Cross-Site Scripting (XSS) vulnerability | 21 Jun 202000:00 | – | patchstack |
Node
| Source | Link |
|---|---|
| wordpress | www.wordpress.org/plugins/advanced-custom-fields/ |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo06 Jan 2021 15:15Current
6.2Medium risk
Vulners AI Score6.2
CVSS24.3
CVSS36.1
EPSS0.0019