3 matches found
CVE-2024-10562
creationtimestamp| type| source ---|---|--- 2025-01-07 06:33:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lf4zpmlcfz2k 2025-01-07 06:36:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/360 2025-01-07 08:00:51+00:00| seen| https://t.me/cvedetector/14484...
CVE-2024-10562
CVE-2024-10562 affects the WordPress plugin Form Maker by 10Web (versions before 1.15.31). An authenticated admin can exploit a Stored Cross-Site Scripting (XSS) flaw due to incomplete sanitization/escaping of certain settings, enabling script execution in the admin context. The issue is document...
CVE-2024-10562 Form Maker by 10Web < 1.15.31 - Admin+ Stored XSS
The Form Maker by 10Web WordPress plugin before 1.15.31 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...