Unrated severityNVD Advisory· Published Jan 6, 2021· Updated Aug 4, 2024
CVE-2020-36172
CVE-2020-36172
Description
The Advanced Custom Fields plugin before 5.8.12 for WordPress mishandles the escaping of strings in Select2 dropdowns, potentially leading to XSS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Advanced Custom Fields plugindescription
- Range: <5.8.12
Patches
Vulnerability mechanics
References
1- wordpress.org/plugins/advanced-custom-fields/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.