cleantalk
Vulnerabilities and Security Researches

Async JavaScript, dc720f7e4f71488f6f9e4d0e22eb0a048932a77b

CVE, Research URL

dc720f7e4f71488f6f9e4d0e22eb0a048932a77b

Home page URL

Security reports for Async JavaScript

Application

Async JavaScript

Published on
Feb 27, 2020
Research Description
Async JavaScript [async-javascript] < 2.20.02.27 WordPress Async JavaScript plugin <= 2.19.07.14 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by WordFence in WordPress Async JavaScript plugin (versions <= 2.19.07.14).
Affected versions
max 2.20.02.27.
Status
vulnerable
Previous vulnerability researches
Async JavaScript (278f7c36-05f8-4b6f-9a13-11175e3f3971) , Jun 16, 2026
Async JavaScript (a535d19a588d298275a50a334cb3297b070e2d46) , Jun 16, 2026
Async JavaScript (cb3b92c5c076a8f8d1d0e05662d2dfe8153c5bed) , Jun 07, 2024
Async JavaScript (CVE-2020-36854) , Dec 11, 2025
Async JavaScript (e36be0c1-de61-407b-95a6-ebb340bf29b3) , Jun 16, 2026
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026