3 matches found
WordPress Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More plugin <= 1.0.15 - Unauthenticated Stored Cross-Site Scripting vulnerability
Unauthenticated Stored Cross-Site Scripting vulnerability discovered by PeterPatter - - in WordPress Plugin Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More versions = 1.0.15...
CVE-2026-8901
CVE-2026-8901 affects the WordPress plugin “Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More.” It is vulnerable to Stored Cross-Site Scripting via Form Submission Data in all versions up to 1.0.15, caused by insufficient input sanitization and output escapin...
EUVD-2026-34941
The Integration for Freshsales – Contact Form 7, WPForms, Elementor, Gravity Forms and More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Form Submission Data in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This make...