CVE-2020-12696
CVE-2020-12696 affects the WordPress iframe plugin (versions before 4.5). The issue is that the plugin does not sanitize user-supplied URLs in the iframe, enabling a potential cross-site scripting (XSS) vector. Multiple sources cite this as an authenticated stored XSS vulnerability, with remediat...