MEDIUM
Demo
CVE published 2026-05-16
CVE-2020-37235
CVE-2020-37235 describes a stored cross-site scripting issue in the Wibar WordPress theme's Brand component. The source corpus says authenticated users with editor, administrator, contributor, or author privileges can abuse the Logo URL / ftc_brand_url input to store malicious script content that executes when someone visits the brand page.