Lucene search

K

CVE-2024-9940

🗓️ 17 Oct 2024 02:04:15Reported by [email protected]Type 
nvd
 nvd
🔗 web.nvd.nist.gov👁 7 Views

The Calculated Fields Form plugin for WordPress is vulnerable to HTML Injection in all versions up to, and including, 5.2.45 due to the plugin not properly neutralizing HTML elements from submitted forms. This allows unauthenticated attackers to inject arbitrary HTML that renders in the administrator's email view of form submissions

Show more
Related
Refs