WordPress fuelled domains use the KingComposer tool for drag-and-drop page building. It removes the need for direct coding or program building a page that uses a content management system (CMS).
The XSS bug was detected by the Wordfence Threat Intelligence team and marked as CVE-2020-15299 with a CVSS score of 6.1. The vulnerability was capable of introducing malware into a user’s system if a malicious link gets clicked. It had affected more than 100,000 websites.
Source: Zdnet
