3 matches found
CVE-2026-15395
The Kali Forms — Contact Form & Drag-and-Drop Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'digitalSignature' Field Value in all versions up to, and including, 2.4.18 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-15395 Kali Forms <= 2.4.18 - Unauthenticated Stored Cross-Site Scripting via 'digitalSignature' Field Value
The Kali Forms — Contact Form & Drag-and-Drop Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'digitalSignature' Field Value in all versions up to, and including, 2.4.18 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-15395
The Kali Forms — Contact Form & Drag-and-Drop Builder WordPress plugin is affected by CVE-2026-15395: Stored XSS via the digitalSignature field in all versions up to and including 2.4.18, caused by insufficient input sanitization and output escaping. The vulnerability allows unauthenticated attac...