2 matches found
CVE-2024-3053
The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ forminatorform shortcode attribute in versions up to, and including, 1.29.2 due to insufficient input sanitization and output escaping. This makes it...
CVE-2024-3053
CVE-2024-3053 applies to the WordPress plugin Forminator – Contact Form, Payment Form & Custom Form Builder . The vulnerability is a Stored Cross-Site Scripting via the shortcodes’ forminator_form id attribute, affecting versions up to and including 1.29.2 due to insufficient input sanitization a...