4 matches found
CVE-2023-2324
The Elementor Forms Google Sheet Connector WordPress plugin before 1.0.7, gsheetconnector-for-elementor-forms-pro WordPress plugin through 1.0.7 does not escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high...
CVE-2023-2324
The CVE-2023-2324 entry concerns the Elementor Forms Google Sheet Connector (and gsheetconnector-for-elementor-forms-pro) WordPress plugins. Affected versions prior to 1.0.7 fail to escape certain parameters before echoing them in attributes, enabling Reflected Cross-Site Scripting. This could be...
CVE-2023-2324 Elementor Forms Google Sheet Connector < 1.0.7 - Reflected XSS
The Elementor Forms Google Sheet Connector WordPress plugin before 1.0.7, gsheetconnector-for-elementor-forms-pro WordPress plugin through 1.0.7 does not escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high...
WordPress Elementor Forms Google Sheet Connector Plugin < 1.0.7 is vulnerable to Cross Site Scripting (XSS)
Software Elementor Forms Google Sheet Connector Type Plugin Vulnerable versions 1.0.7 Fixed in 1.0.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2324 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 9c0650ee0f4a Credits...