VYPR
Unrated severityNVD Advisory· Published Jan 13, 2026· Updated Mar 5, 2026

WPForms 1.7.8 - Cross-Site Scripting (XSS)

CVE-2020-36919

Description

WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter. Attackers can inject malicious scripts through the ListTable.php endpoint to execute arbitrary JavaScript in victim's browser.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.