55 matches found
CVE-2023-48752
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Happyforms Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms allows Reflected XSS.This issue affects Form builder to get in touch with visitors, gro...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Happyforms Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms allows Reflected XSS.This issue affects Form builder to get in touch with visitors, gro...
CVE-2023-48752 WordPress Happyforms Plugin <= 1.25.9 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Happyforms Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms allows Reflected XSS.This issue affects Form builder to get in touch with visitors, gro...
CVE-2023-48752 WordPress Happyforms Plugin <= 1.25.9 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Happyforms Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms allows Reflected XSS.This issue affects Form builder to get in touch with visitors, gro...
CVE-2023-48752
CVE-2023-48752 is a Reflected XSS in the WordPress Happyforms plugin (versions ≤ 1.25.9). Unauthenticated attackers could exploit input handling during page generation to execute script in a victim’s browser. Patch status varies by source: Wordfence lists the vulnerability as Unpatched for Happyf...
WordPress Plugin Happyforms Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WordPress Happyforms Plugin <= 1.25.9 is vulnerable to Cross Site Scripting (XSS)
Software Happyforms Type Plugin Vulnerable versions = 1.25.9 Fixed in 1.25.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-48752 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 31f86188864b Credits Le Ngoc Anh Required privilege...
CVE-2023-0096
The Happyforms WordPress plugin before 1.22.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0096
The Happyforms WordPress plugin before 1.22.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0096 Happyforms < 1.22.0 - Contributor+ Stored XSS
The Happyforms WordPress plugin before 1.22.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2023-0096 Happyforms < 1.22.0 - Contributor+ Stored XSS
The Happyforms WordPress plugin before 1.22.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
WordPress Plugin Happyforms 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Happyforms < 1.22.0 - Contributor+ Stored XSS
The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Exploit Additional CSS classes for "Forms" Gutenbe...
Happyforms < 1.22.0 - Contributor+ Stored XSS
The plugin does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Exploit Additional CSS classes for "Forms" Gutenberg...
WordPress Happyforms Plugin < 1.22.0 is vulnerable to Cross Site Scripting (XSS)
Software Happyforms Type Plugin Vulnerable versions 1.22.0 Fixed in 1.22.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0096 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID d99bfc7fc4ba Credits Lana Codes Required...