3 matches found
CVE-2020-36704
The Fruitful Theme for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters stored via the fruitfulthemeoptionsaction AJAX action in versions up to, and including, 3.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2020-36704 Fruitful < 3.8.2 - Stored Cross-Site Scripting
The Fruitful Theme for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters stored via the fruitfulthemeoptionsaction AJAX action in versions up to, and including, 3.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2020-36704
CVE-2020-36704 (WordPress Fruitful Theme) is a stored XSS vulnerability affecting versions up to and including 3.8.1. The issue arises from insufficient input sanitization and output escaping in parameters stored via the fruitful_theme_options_action AJAX action. Exploitation requires authenticat...