3 matches found
CVE-2024-29117
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Stored XSS.This issue affects Contact Forms by Cimatti: from n/a through 1.7.0...
CVE-2024-29117
CVE-2024-29117 is a WordPress vulnerability in the WordPress Contact Forms by Cimatti plugin. Connected sources confirm an unauthenticated Stored Cross‑Site Scripting (XSS) flaw caused by improper neutralization of input during web page generation, affecting Cimatti Contact Forms by Cimatti versi...
WordPress Contact Forms by Cimatti Plugin <= 1.7.0 is vulnerable to Cross Site Scripting (XSS)
Software Contact Forms by Cimatti Type Plugin Vulnerable versions = 1.7.0 Fixed in 1.8.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29117 Patch priority Medium CVSS severity Medium 7.1 Developer Cimatti Consulting PSID 36dba4c9e5f8 Credits Joshua Chan Required...