3 matches found
WordPress gravity-forms-sms-notifications plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. gravity-forms-sms-notifications is a short message alert plugin used in it. A cross-site scripting vulnerability exists in the WordPre...
CVE-2017-18495
The connected records confirm CVE-2017-18495 affects the Gravity Forms SMS Notifications plugin for WordPress, with a cross-site scripting (XSS) vulnerability in versions prior to 2.4.0. The issue arises from insufficient validation of client-side data, enabling an attacker to execute client-side...
CVE-2017-18495
The gravity-forms-sms-notifications plugin before 2.4.0 for WordPress has XSS...