Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by ptsfence (Patchstack Alliance) in WordPress Contact Form By Mega Forms plugin (versions <= 1.2.4).
Update the WordPress Contact Form By Mega Forms – Drag and Drop Form Builder plugin to the latest available version (at least 1.2.5).
CPE | Name | Operator | Version |
---|---|---|---|
contact form by mega forms – drag and drop form builder | le | 1.2.4 |