WordPress HelloLeads CRM Form Shortcode plugin <= 1.0 - Unauthenticated Settings Reset vulnerability

Unauthenticated Settings Reset vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin HelloLeads CRM Form Shortcode versions = 1.0...

WordPress Contact Form Entries 1.1.6 Cross Site Scripting

Exploit Title: WordPress Plugin Contact Form Entries 1.1.6 - Cross Site Scripting XSS Unauthenticated Date: 22/12/2021 Exploit Author: gx1 Vulnerability Discovery: Gaetano Perrone Vendor Homepage: https://www.crmperks.com/ Software Link: https://wordpress.org/plugins/contact-form-entries/ Version...

WordPress plugin 跨站脚本漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress CRM Form Entries Plugin has a cross-site scripting vulnerability in versions prior to 1.1.7, which ste...

WordPress CRM Form Entries Cross Site Scripting

Hello, today I disclosed the CVE-2021-25080 vulnerability. Here attached technical information: References: https://wpscan.com/vulnerability/acd3d98a-aab8-49be-b77e-e8c6ede171ac https://secsi.io/blog/cve-2021-25080-finding-cross-site-scripting-vulnerabilities-in-headers/ Description: WordPress...

WordPress CRM Form Entries 1.1.6 - Cross Site Scripting Vulnerability

WordPress CRM Form Entries versions prior to 1.1.7 appear susceptible to a cross site scripting vulnerability. Hello, today I disclosed the CVE-2021-25080 vulnerability. Here attached technical information: References: https://wpscan.com/vulnerability/acd3d98a-aab8-49be-b77e-e8c6ede171ac...