Published: 07/05/2020 Updated: 11/05/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

The iframe plugin prior to 4.5 for WordPress does not sanitize a URL.

Vulnerable Product	Search on Vulmon	Subscribe to Product
iframe project iframe

Stored Cross Site Scripting - Iframe Plugin - WordPress

CVE-2020-12696 ██╗ ██╗███████╗███████╗ ╚██╗██╔╝██╔════╝██╔════╝ ╚███╔╝ ███████╗███████╗ ██╔██╗ ╚════██║╚════██║ ██╔╝ ██╗███████║███████║ ╚═╝ ╚

Stored Cross Site Scripting - Iframe Plugin - WordPress

CVE-2020-12696 ██╗ ██╗███████╗███████╗ ╚██╗██╔╝██╔════╝██╔════╝ ╚███╔╝ ███████╗███████╗ ██╔██╗ ╚════██║╚════██║ ██╔╝ ██╗███████║███████║ ╚═╝ ╚

Stored Cross Site Scripting - Iframe Plugin - WordPress

CVE-2020-12696 ██╗ ██╗███████╗███████╗ ╚██╗██╔╝██╔════╝██╔════╝ ╚███╔╝ ███████╗███████╗ ██╔██╗ ╚════██║╚════██║ ██╔╝ ██╗███████║███████║ ╚═╝ ╚

CVE-2020-12696