5 matches found
CVE-2023-24386
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Karishma Arora AI Contact Us Form plugin = 1.0 versions...
CVE-2023-24386 WordPress AI Contact Us Form Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Karishma Arora AI Contact Us Form plugin = 1.0 versions...
CVE-2023-24386 WordPress AI Contact Us Form Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Karishma Arora AI Contact Us Form plugin = 1.0 versions...
CVE-2023-24386
The CVE refers to a Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin “Karishma Arora AI Contact Us Form” versions <= 1.0. The issue is described as Auth. (admin+) XSS, indicating that authenticated users with admin-level privileges can exploit it. The root cause document...
WordPress AI Contact Us Form Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Software AI Contact Us Form Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-24386 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 673ba1e565e3 Credits Aswin Balaji Required...