4 matches found
CVE-2024-10504
The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks...
WordPress ARForms Builder plugin < 1.7.1 - Unauthenticated Stored XSS vulnerability
Unauthenticated Stored XSS vulnerability discovered by Malek Althubiany in WordPress Plugin ARForms Form Builder versions 1.7.1...
CVE-2024-10504
The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks...
CVE-2024-10504 ARForms Builder < 1.7.1 - Unauthenticated Stored XSS
The Contact Form, Survey, Quiz & Popup Form Builder WordPress plugin before 1.7.1 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks...