CVE-2020-36656

The Spectra WordPress plugin before 1.15.0 does not sanitize user input as it reaches its style HTML attribute, allowing contributors to conduct stored XSS attacks via the plugin's Gutenberg blocks...

CVE-2020-36656

creationtimestamp| type| source ---|---|--- 2023-02-21 12:21:46+00:00| seen| https://t.me/cibsecurity/58585...

CVE-2020-36656

The Spectra WordPress plugin before 1.15.0 does not sanitize user input as it reaches its style HTML attribute, allowing contributors to conduct stored XSS attacks via the plugin's Gutenberg blocks...

CVE-2020-36656

The CVE-2020-36656 entry concerns the Spectra WordPress Gutenberg Blocks Plugin for WordPress, with versions prior to 1.15.0 vulnerable to stored XSS due to insufficient sanitization of user input in a style HTML attribute. The underlying issue allows contributors (required privileges) to inject ...

WordPress Spectra Plugin < 1.15.0 is vulnerable to Cross Site Scripting (XSS)

Software Spectra Type Plugin Vulnerable versions 1.15.0 Fixed in 1.15.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2020-36656 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID aa21c4e7af94 Credits István Márton Required...