8 matches found
CVE-2023-25981
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in ThemeKraft Post Form plugin = 2.8.1 versions...
CVE-2023-25981
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in ThemeKraft Post Form plugin = 2.8.1 versions...
CVE-2023-25981
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in ThemeKraft Post Form plugin = 2.8.1 versions...
Cross site scripting
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in ThemeKraft Post Form plugin = 2.8.1 versions...
CVE-2023-25981
CVE-2023-25981 is a Stored Cross-Site Scripting (XSS) vulnerability in WordPress BuddyForms plugin versions up to 2.8.1. The issue arises from insufficient input escaping in the Post Form workflow, enabling an attacker with Contributor privileges to inject scripts into a site. A fixed version is ...
CVE-2022-38971
Stored Cross-Site Scripting XSS vulnerability in ThemeKraft Post Form – Registration Form – Profile Form for User Profiles and Content Forms for User Submissions plugin = 2.7.5 versions...
CVE-2022-38971
Stored Cross-Site Scripting XSS vulnerability in ThemeKraft Post Form – Registration Form – Profile Form for User Profiles and Content Forms for User Submissions plugin = 2.7.5 versions...
PT-2023-13667 · WordPress · Themekraft Post Form
Name of the Vulnerable Software and Affected Versions: ThemeKraft Post Form – Registration Form – Profile Form for User Profiles and Content Forms for User Submissions plugin versions = 2.7.5 Description: The issue is a Stored Cross-Site Scripting XSS vulnerability. This means that an attacker ca...