PT-2024-16301 · WordPress · Everest Forms

Name of the Vulnerable Software and Affected Versions: Everest Forms WordPress plugin versions prior to 3.0.4.2 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example, ...

WordPress plugin Everest Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Plugin User Registration Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

User Registration < 3.0.4.2 - Admin+ Stored XSS

Description The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup. 1. Install and activate this plugin -...