Medium severity5.4NVD Advisory· Published Sep 14, 2020· Updated Jun 17, 2026
CVE-2020-25380
CVE-2020-25380
Description
Wordpress Plugin Store / Mike Rooijackers Recall Products V0.8 is affected by: Cross Site Scripting (XSS) via the 'Recall Settings' field in admin.php. An attacker can inject JavaScript code that will be stored and executed.
Affected products
2- Mike Rooijackers/Recall Productsdescription
- Range: <0.8
Patches
Vulnerability mechanics
References
1- zeroaptitude.com/misha/wordpress-plugin-bug-hunting-part-2/nvdExploitThird Party AdvisoryURL Repurposed
News mentions
0No linked articles in our index yet.