3 matches found
CVE-2022-47608
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Contact Form plugin = 8.0.3.1 versions...
CVE-2022-47608 WordPress Quick Contact Form Plugin <= 8.0.3.1 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Contact Form plugin = 8.0.3.1 versions...
CVE-2022-47608
CVE-2022-47608 affects the WordPress plugin Quick Contact Form (Fullworks) up to version 8.0.3.1. The issue is a Stored Cross-Site Scripting (XSS) vulnerability exploitable by an authenticated attacker with admin+ privileges, as the root cause is insufficient input validation/escaping in the plug...