3 matches found
CVE-2023-0169
creationtimestamp| type| source ---|---|--- 2025-03-21 18:20:01+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8399...
CVE-2023-0169
The Zoho Forms WordPress plugin before 3.0.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0169
CVE-2023-0169 pertains to the Zoho Forms WordPress plugin prior to version 3.0.1. The vulnerability arises because certain shortcode attributes are not validated or escaped before being echoed in the page, enabling stored XSS for users with the contributor role or higher. The issue is mitigated b...