0.001 Low
EPSS
Percentile
36.1%
Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by Guilherme Rubert in WordPress iframe plugin (versions <= 4.4).
Update the WordPress iframe plugin to the latest available version (at least 4.5).
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12696
guilhermerubert.com/blog/cve-2020-12696/
wordpress.org/plugins/iframe/#developers