Description index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS. Remediation References CVE-2020-8825 Related Vulnerabilities WordPress Plugin Easy Digital Downloads-Simple eCommerce for Selling Digital Files Cross-Site Scripting (2.9.15) WordPress Plugin My Tickets Cross-Site Scripting (1.5.0) WordPress Plugin RSS Post Importer Unspecified Vulnerability (2.5.0) WordPress Plugin AMP for WP-Accelerated Mobile Pages Security Bypass (0.9.97.19) Atlassian Jira Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-15001) Severity Medium Classification CVE-2020-8825 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities