CVE-2020-13644
An issue was discovered in the Accordion plugin before 2.2.9 for WordPress. The unprotected AJAX wp_ajax_accordions_ajax_import_json action allowed any authenticated user with Subscriber or higher permissions the ability to import a new accordion and inject malicious JavaScript as part of the accordion.List of 4 websites affected by CVE-2020-13644
The domain names are hidden due to the sensitivity of the data. Please click on the "Contact us" button above to get more information.
| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ************************.com |  France | **,***,*** | |
| ************.de |  Germany | **,***,*** | |
| ***********.**.uk |  GB | **,***,*** | |
| **********************.de | Germany | ***,***,*** |