3 matches found
CVE-2020-36722
The CVE-2020-36722 entry concerns the WordPress Visual Composer plugin. Affected: Visual Composer Website Builder for WordPress, versions up to and including 26.0. Root cause: insufficient input sanitization and output escaping. Impact: Cross-Site Scripting allowing arbitrary scripts to run in a ...
CVE-2020-36722 Visual Composer <= 26.0 - Multiple Cross-Site Scripting
The Visual Composer plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 26.0 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts that execute in a victim's browser...
WordPress Visual Composer Website Builder Plugin <= 26.0 is vulnerable to Cross Site Scripting (XSS)
Software Visual Composer Website Builder Type Plugin Vulnerable versions = 26.0 Fixed in 27.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2020-36722 Patch priority Low CVSS severity Low 5.4 Developer Visual Composer PSID 94fc9a4ee237 Credits Jerome...