WordPress youForms plugin <= 1.0.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

2021-07-3000:00:00

xiahao

patchstack.com

0.001 Low

EPSS

Percentile

25.0%

Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by xiahao in WordPress youForms plugin (versions <= 1.0.5).

Solution

           This plugin has been closed as of July 30, 2021 and is not available for download. This closure is temporary, pending a full review.

CPENameOperatorVersion
youforms for wordpress – creating forms for copecartle1.0.5

CPE	Name	Operator	Version
	youforms for wordpress – creating forms for copecart	le	1.0.5

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24596

wordpress.org/plugins/youforms-free-for-copecart/

wpscan.com/vulnerability/b5def0e7-2b4a-43e0-8175-28b28aa2f8ae

0.001 Low

EPSS

Percentile

25.0%

Related for PATCHSTACK:51112D2FAA86B12DEC8086DAB90AA2EA