3 matches found
CVE-2022-0402
The Super Forms - Drag & Drop Form Builder WordPress plugin before 6.0.4 does not escape the bobczypanstwasprawazostalarozwiazana parameter before outputting it back in an attribute via the superlanguageswitcher AJAX action, leading to a Reflected Cross-Site Scripting. The action is also lacking...
CVE-2022-0402 Superforms < 6.0.4 - Reflected Cross-Site Scripting
The Super Forms - Drag & Drop Form Builder WordPress plugin before 6.0.4 does not escape the bobczypanstwasprawazostalarozwiazana parameter before outputting it back in an attribute via the superlanguageswitcher AJAX action, leading to a Reflected Cross-Site Scripting. The action is also lacking...
CVE-2022-0402
CVE-2022-0402 affects the WordPress plugin Super Forms – Drag & Drop Form Builder prior to 6.0.4. The vulnerability arises because the parameter named in the description (bob_czy_panstwa_sprawa_zostala_rozwiazana) is not escaped before being echoed back in an attribute via the super_language_swit...