Lucene search
K

4 matches found

Patchstack
Patchstack
added 2025/05/17 12:34 a.m.5 views

WordPress Lead Form Builder plugin < 1.9.8 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Contact Form & Lead Form Elementor Builder versions 1.9.8...

4.8CVSS6.1AI score0.00266EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/05/15 8:15 p.m.4 views

CVE-2024-10475

The Responsive Contact Form Builder & Lead Generation Plugin WordPress plugin before 1.9.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed f...

4.8CVSS5.8AI score0.00266EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:6 p.m.12 views

CVE-2024-10475 Lead Form Builder < 1.9.8 - Admin+ Stored XSS

The Responsive Contact Form Builder & Lead Generation Plugin WordPress plugin before 1.9.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed f...

0.00266EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/15 8:6 p.m.8 views

CVE-2024-10475 Lead Form Builder < 1.9.8 - Admin+ Stored XSS

The Responsive Contact Form Builder & Lead Generation Plugin WordPress plugin before 1.9.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed f...

4.8AI score0.00266EPSS
Exploits1References1
Rows per page
Query Builder