2 matches found
CVE-2026-9253
The WP Cost Estimation & Payment Forms Builder E&P Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'customerInfos' parameter in all versions up to, and including, 10.5.97 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-9253
Summary : CVE-2026-9253 affects the WordPress plugin “WP Cost Estimation & Payment Forms Builder (E&P Forms)”. The vulnerability is a Stored Cross-Site Scripting (Stored XSS) via the customerInfos parameter in all versions up to and including 10.5.97, caused by insufficient input sanitization and...