Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/18 6:4 a.m.23 views

CVE-2025-3201

The Contact Form builder with drag & drop for WordPress WordPress plugin before 2.4.3 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks...

5.9CVSS5.9AI score0.00214EPSS
Exploits1References1
NVD
NVD
added 2025/05/16 6:15 a.m.11 views

CVE-2025-3201

The Contact Form builder with drag & drop for WordPress WordPress plugin before 2.4.3 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks...

5.9CVSS0.00214EPSS
Exploits1References1
CVE
CVE
added 2025/05/16 6:0 a.m.38 views

CVE-2025-3201

CVE-2025-3201 concerns the WordPress plugin for the Contact Form builder with drag & drop (Kali Forms) prior to version 2.4.3. The vulnerability stems from insufficient sanitization and escaping of certain settings, enabling Stored Cross-Site Scripting (Stored XSS) by high-privilege users (e.g., ...

5.9CVSS5.9AI score0.00214EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/05/16 6:0 a.m.32 views

CVE-2025-3201 Kali Forms < 2.4.3 - Contributor+ Stored XSS

The Contact Form builder with drag & drop for WordPress WordPress plugin before 2.4.3 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks...

0.00214EPSS
Exploits1References1
Rows per page
Query Builder