3 matches found
CVE-2024-13403
The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘fieldHTML’ parameter in all versions up to, and including, 1.9.3.1 due to insufficient input sanitization and output escaping...
CVE-2024-13403
creationtimestamp| type| source ---|---|--- 2025-02-04 08:31:39+00:00| seen| https://infosec.exchange/users/cve/statuses/113944684067505073 2025-02-04 09:15:50+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhdpubbmom27 2025-02-04 12:13:05+00:00| seen|...
CVE-2024-13403 WPForms Lite <= 1.9.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via fieldHTML Parameter
The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘fieldHTML’ parameter in all versions up to, and including, 1.9.3.1 due to insufficient input sanitization and output escaping...