2 matches found
WordPress Metform Elementor Contact Form Builder Plugin < 3.3.1 Multiple Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wpmet:metformelementorcontactformbuilder"; if description...
CVE-2023-0709
The CVE concerns the WordPress plugin Metform Elementor Contact Form Builder for WordPress. Versions up to and including 3.3.0 are vulnerable to stored Cross-Site Scripting via the mf_last_name shortcode, which echoes unescaped form submissions and can execute scripts in pages when a page contain...