CVE-2023-29438

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eric Martin SimpleModal Contact Form SMCF plugin = 1.2.9 versions...

EUVD-2023-33007

Malicious code in bioql PyPI...

CVE-2023-29438

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eric Martin SimpleModal Contact Form SMCF plugin = 1.2.9 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eric Martin SimpleModal Contact Form SMCF plugin = 1.2.9 versions...

CVE-2023-29438

CVE-2023-29438 : Authenticated (admin+) Stored XSS in the WordPress plugin SimpleModal Contact Form (SMCF) , affected versions

SimpleModal Contact Form (SMCF) <= 1.2.9 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress Plugin SimpleModal Contact Form (SMCF) 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress SimpleModal Contact Form (SMCF) Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS)

Software SimpleModal Contact Form SMCF Type Plugin Vulnerable versions = 1.2.9 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-29438 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0838ea65d5e5 Credits Rio Darmawa...