Lucene search
WPScanCVELIST:CVE-2021-24505HistoryAug 09, 2021 - 10:04 a.m.
CVE-2021-24505 Forms < 1.12.3 - Authenticated Stored Cross-Site Scripting (XSS)
2021-08-0910:04:11
CWE-79
WPScan
www.cve.org
2
wordpress
plugin
vulnerability
xss
authenticated
EPSS
0.001
Percentile
24.8%
The Forms WordPress plugin before 1.12.3 did not sanitise its input fields, leading to Stored Cross-Site scripting issues. The plugin was vulnerable to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability within the Forms “Add new” field.
CNA Affected
[
{
"product": "Forms",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.12.3",
"status": "affected",
"version": "1.12.3",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Forms < 1.12.3 - Authenticated Stored Cross-Site Scripting (XSS)
2021-07-03 00:00:00
nvd
nvd
CVE-2021-24505
2021-08-09 10:15:07
prion
prion
Cross site scripting
2021-08-09 10:15:00
wpexploit
wpexploit
Forms < 1.12.3 - Authenticated Stored Cross-Site Scripting (XSS)
2021-07-03 00:00:00
cve
cve
CVE-2021-24505
2021-08-09 10:15:07