3 matches found
CVE-2023-35095
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Flothemes Flo Forms – Easy Drag & Drop Form Builder plugin = 1.0.40 versions...
CVE-2023-35095
CVE-2023-35095 affects the WordPress plugin Flo Forms – Easy Drag & Drop Form Builder (Flothemes) up to version 1.0.40. The vulnerability is an authenticated (admin+) Stored Cross‑Site Scripting (XSS) flaw in Flo Forms, requiring admin privileges to exploit. The issue is grounded in the plugin’s ...
WordPress Flo Forms Plugin <= 1.0.40 is vulnerable to Cross Site Scripting (XSS)
Software Flo Forms Type Plugin Vulnerable versions = 1.0.40 Fixed in 1.0.41 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-35095 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 80a812c3a1fb Credits yuyudhn Required privilege...