WordPress plugin Yay! Forms | Embed Custom Forms, Surveys, and Quizzes Easily 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Yay! Forms plugin <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Yay! Forms versions = 1.2.1...

CVE-2024-13725

The Keap Official Opt-in Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.1 via the service parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those...

CVE-2024-13725

The Keap Official Opt-in Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.1 via the service parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those...

CVE-2024-13725 Keap Official Opt-in Forms <= 2.0.1 - Unauthenticated Limited Local File Inclusion

The Keap Official Opt-in Forms plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.1 via the service parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those...

WordPress plugin Keap Official Opt-in Forms 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A path traversal vulnerability exists in WordPress...

WordPress Keap Official Opt-in Forms plugin <= 2.0.1 - Unauthenticated Limited Local File Inclusion vulnerability

Unauthenticated Limited Local File Inclusion vulnerability discovered by Hiroho Shimada in WordPress Plugin Keap Official Opt-in Forms versions = 2.0.1...

WordPress Wise Forms plugin <= 1.2.0 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by Steven Pereira aka Cursed && Muktanand Kale aka Muktimantras in WordPress Plugin Wise Forms versions = 1.2.0...

CVE-2024-13603

The Wise Forms WordPress plugin through 1.2.0 does not sanitise and escape some of its settings, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks via malicious form submissions...

CVE-2024-13603

CVE-2024-13603 affects the Wise Forms WordPress plugin (versions

CVE-2024-13603 Wise Forms <= 1.2.0 - Unauthenticated Stored XSS

The Wise Forms WordPress plugin through 1.2.0 does not sanitise and escape some of its settings, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks via malicious form submissions...

PT-2025-6580 · WordPress · Wise Forms

Name of the Vulnerable Software and Affected Versions: Wise Forms WordPress plugin version 1.2.0 Description: The issue allows unauthenticated users to perform Stored Cross-Site Scripting attacks via malicious form submissions because the plugin does not sanitise and escape some of its settings...

WordPress plugin Wise Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-7052

The Forminator Forms WordPress plugin before 1.38.3 does not sanitise and escape some of its settings, which could allow high privilege users such as Admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-13125

The Everest Forms WordPress plugin before 3.0.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-7052

The Forminator Forms WordPress plugin before 1.38.3 does not sanitise and escape some of its settings, which could allow high privilege users such as Admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-7052

The Forminator Forms WordPress plugin before 1.38.3 does not sanitise and escape some of its settings, which could allow high privilege users such as Admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress plugin Forminator Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

PT-2025-6768 · WordPress · Forminator Forms

Name of the Vulnerable Software and Affected Versions: The Forminator Forms WordPress plugin versions prior to 1.38.3 Description: The issue allows high privilege users, such as Admin, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for...

WordPress Everest Forms plugin < 3.0.8.1 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Everest Forms versions 3.0.8.1...