5 matches found
CVE-2025-3487
creationtimestamp| type| source ---|---|--- 2025-04-17 12:00:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12208 2025-04-17 14:49:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmze2ikjw72g 2025-04-17 17:09:34+00:00| seen| https://t.me/cvedetector/23232...
CVE-2025-3487 Forminator <= 1.42.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'limit'
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘limit’ parameter in all versions up to, and including, 1.42.0 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-3487
CVE-2025-3487 affects Forminator Forms – Contact Form, Payment Form & Custom Form Builder (WordPress). It is a Stored Cross-Site Scripting vulnerability via the limit parameter in all versions up to and including 1.42.0, caused by insufficient input sanitization and output escaping. Exploitation ...
CVE-2025-3487 Forminator <= 1.42.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'limit'
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘limit’ parameter in all versions up to, and including, 1.42.0 due to insufficient input sanitization and output escaping. This makes it possible for...
WordPress Forminator plugin <= 1.42.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'limit' vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'limit' vulnerability discovered by Asaf Mozes in WordPress Plugin Forminator versions = 1.42.0...