Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-36172

Disclosure Date: January 06, 2021 (last updated February 22, 2025)
The Advanced Custom Fields plugin before 5.8.12 for WordPress mishandles the escaping of strings in Select2 dropdowns, potentially leading to XSS.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0