CVE-2020-36854 | Async JavaScript Plugin up to 2.19.07.14 on WordPress Setting aj_steps cross site scripting

Inserito da Angelo Barbosa | Ott 17, 2025 | CVE

A vulnerability described as problematic has been identified in Async JavaScript Plugin up to 2.19.07.14 on WordPress. This impacts the function aj_steps of the component Setting Handler. Executing manipulation can lead to cross site scripting.

This vulnerability is tracked as CVE-2020-36854. The attack can be launched remotely. No exploit exists.

CVE-2020-36854 | Async JavaScript Plugin up to 2.19.07.14 on WordPress Setting aj_steps cross site scripting

Post correlati

CVE-2024-21413 | Microsoft Office Outlook Remote Code Execution

CVE-2024-23640 | GeoServer up to 2.23.2 cross site scripting (GHSA-9rfr-pf2x-g4xf)

CVE-2024-35539 | Typecho 1.3.0 Post Comment race condition

CVE-2024-42050 | Splashtop Streamer up to 3.6.x on Windows MSI Installer CredProvider_Inst.reg permission