CVE-2020-36769 | kevinlangleyjr Widget Settings Importer-Exporter Plugin up to 1.5.3 on WordPress wp_ajax_import_widget_dataparameter cross site scripting

Posted by Angelo Barbosa | Dec 23, 2023 | CVE

A vulnerability was found in kevinlangleyjr Widget Settings Importer-Exporter Plugin up to 1.5.3 on WordPress. It has been rated as problematic. Affected by this issue is the function wp_ajax_import_widget_dataparameter. The manipulation leads to cross site scripting.

This vulnerability is handled as CVE-2020-36769. The attack may be launched remotely. There is no exploit available.

CVE-2020-36769 | kevinlangleyjr Widget Settings Importer-Exporter Plugin up to 1.5.3 on WordPress wp_ajax_import_widget_dataparameter cross site scripting

Related Posts

CVE-2024-2475 | Media Library Assistant Plugin up to 3.13 on WordPress Shortcode mla_gallery cross site scripting

CVE-2024-28122 | lestrrat-go jwx up to 1.2.28/2.0.20 resource consumption (GHSA-hj3v-m684-v259)

CVE-2024-28430 | DedeCMS 5.7 /dede/catalog_edit.php cross-site request forgery

CVE-2023-42800 | moonlight-stream moonlight-common-c GameStream Client buffer overflow (GHSA-4927-23jw-rq62)