CVE-2020-7107

CVE-2020-7107

EPSS 2.2%

The Ultimate FAQ plugin before 1.8.30 for WordPress allows XSS via Display_FAQ to Shortcodes/DisplayFAQs.php.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://plugins.trac.wordpress.org/changeset/2222959/ultimate-faqs/tags/1.8.30/Shortcodes/DisplayFAQs.php https://wordpress.org/plugins/ultimate-faqs/#developers https://wpvulndb.com/vulnerabilities/10006