3 matches found
CVE-2022-40191
Authenticated subscriber+ Stored Cross-Site Scripting XSS vulnerability in Ali Khallad's Contact Form By Mega Forms plugin = 1.2.4 at WordPress...
CVE-2022-40191 WordPress Contact Form By Mega Forms plugin <= 1.2.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated subscriber+ Stored Cross-Site Scripting XSS vulnerability in Ali Khallad's Contact Form By Mega Forms plugin = 1.2.4 at WordPress...
CVE-2022-40191
Summary: CVE-2022-40191 affects the WordPress plugin “Ali Khallad’s Contact Form By Mega Forms” up to version 1.2.4. The issue is an authenticated (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability stemming from inadequate sanitization/escaping of input, enabling script injection by us...