CVE-2020-15020

CVE-2020-15020

EPSS 0.7%

An issue was discovered in the Elementor plugin through 2.9.13 for WordPress. An authenticated attacker can achieve stored XSS via the Name Your Template field.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://hidden-one.co.in/2020/07/07/cve-2020-1020-stored-xss-on-elementor-wordpress-plugin/https://wordpress.org/plugins/elementor/#developers