3 matches found
WordPress WPForms Pro Plugin <= 1.8.5.3 is vulnerable to Cross Site Scripting (XSS)
Software WPForms Pro Type Plugin Vulnerable versions = 1.8.5.3 Fixed in 1.8.5.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-7063 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b002ca3b6fb7 Credits drop Required...
CVE-2023-7063
The WPForms Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form submission parameters in all versions up to, and including, 1.8.5.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2023-7063
CVE-2023-7063 affects the WPForms Pro WordPress plugin. The vulnerability is a Stored Cross-Site Scripting (XSS) via form submission parameters in all versions up to and including 1.8.5.3, caused by insufficient input sanitization and output escaping. Exploitation is possible by unauthenticated a...