The WPBakery plugin before 6.4.1 for WordPress allows XSS because it calls kses_remove_filters to disable the standard WordPress XSS protection mechanism for the Author and Contributor roles.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-11-16T02:49:50
Updated: 2024-08-04T16:40:59.962Z
Reserved: 2020-11-16T00:00:00
Link: CVE-2020-28650
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-11-16T04:15:12.667
Modified: 2024-11-21T05:23:06.520
Link: CVE-2020-28650
Redhat
No data.