CVE-2024-47642

CVE-2024-47642 is a stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin Keap Official Opt-in Forms (infusionsoft-official-opt-in-forms) that allows stored XSS via improper input neutralization during web page generation. Affected versions are up to 2.0.1 (listed as n/a through...

CVE-2024-47642 WordPress Keap Official Opt-in Forms plugin <= 2.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Keap Keap Official Opt-in Forms infusionsoft-official-opt-in-forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through = 2.0.3...

CVE-2024-9528

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form label fields in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping. This makes it...

CVE-2024-9528 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Form Manager+) Stored Cross-Site Scripting

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form label fields in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output escaping. This makes it...

CVE-2024-9528

CVE-2024-9528 : Stored Cross-Site Scripting in the WordPress plugin “Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder” (versions ≤ 5.1.19). Root cause: insufficient input sanitization and output escaping in form label fields, allowing an authenticated attacker...

PT-2024-32691 · Zoho · Zoho Forms

Name of the Vulnerable Software and Affected Versions: Zoho Forms versions prior to 4.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS in Zoho Forms. Recommendations: For versions...

WordPress plugin NEX-Forms – Ultimate Form Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin Quill Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin BSK Forms Blacklist 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

WordPress plugin Zoho Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Keap Official Opt-in Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPre...

PT-2024-32612 · Unknown · Quill Forms

Name of the Vulnerable Software and Affected Versions: Quill Forms versions through 3.7.0 Description: The issue is related to improper neutralization of input during web page generation, which leads to a Stored Cross-site Scripting XSS vulnerability. This allows for Stored XSS attacks...

PT-2024-32700 · Keap · Keap Official Opt-In Forms

Name of the Vulnerable Software and Affected Versions: Keap Official Opt-in Forms versions prior to 2.0.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations:...

CVE-2024-8718

The Gravity Forms Toolbar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

CVE-2024-8718 Gravity Forms Toolbar <= 1.7.0 - Reflected Cross-Site Scripting

The Gravity Forms Toolbar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

CVE-2024-8718

CVE-2024-8718: Gravity Forms Toolbar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the tab parameter in versions up to and including 1.7.0. The vulnerability allows unauthenticated attackers to inject scripts into pages invoked when a user is enticed to perform an actio...

CVE-2024-8718 Gravity Forms Toolbar <= 1.7.0 - Reflected Cross-Site Scripting

The Gravity Forms Toolbar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

WordPress Gravity Forms Toolbar plugin <= 1.7.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Gravity Forms Toolbar versions = 1.7.0...

PT-2024-39198 · WordPress · Gravity Forms Toolbar

Name of the Vulnerable Software and Affected Versions: Gravity Forms Toolbar plugin for WordPress version 1.7.0 and earlier Description: The issue is related to Reflected Cross-Site Scripting via the tab parameter due to insufficient input sanitization and output escaping. This allows...

WordPress plugin Gravity Forms Toolbar 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...