CVE-2022-50896

Testa 3.5.1 contains a reflected cross-site scripting vulnerability in the login.php redirect parameter that allows attackers to inject malicious scripts. Attackers can craft a specially encoded payload in the redirect parameter to execute arbitrary JavaScript in victim's browser context...

EUVD-2025-50896

Malicious code in yucky-copper-leopard npm...

CVE-2023-50896

creationtimestamp| type| source ---|---|--- 2023-12-29 12:26:33+00:00| seen| https://t.me/ctinow/160453 2023-12-30 01:37:44+00:00| seen| https://t.me/cibsecurity/73938 2024-01-21 11:11:42+00:00| seen| https://t.me/ctinow/170805...

CVE-2023-50896

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weForms weForms – Easy Drag & Drop Contact Form Builder For WordPress allows Stored XSS.This issue affects weForms – Easy Drag & Drop Contact Form Builder For WordPress: from n/a through 1.6.17...

CVE-2023-50896 WordPress weForms Plugin <= 1.6.17 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weForms weForms – Easy Drag & Drop Contact Form Builder For WordPress allows Stored XSS.This issue affects weForms – Easy Drag & Drop Contact Form Builder For WordPress: from n/a through 1.6.17...

CVE-2023-50896

CVE-2023-50896 is a stored XSS in the WordPress plugin weForms (up to 1.6.17). The vulnerability requires authenticated access (Admin+), and exists in the weForms plugin as described in the CVE entry and corroborated by Red Hat’s advisory. The Wordfence Threat Intelligence entry for this CVE conf...

WordPress weForms Plugin <= 1.6.17 is vulnerable to Cross Site Scripting (XSS)

Software weForms Type Plugin Vulnerable versions = 1.6.17 Fixed in 1.6.18 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-50896 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 17a0a696ff2c Credits emad Required privilege Administrator...