Formie for Craft CMS 跨站脚本漏洞

Formie for Craft CMS is an open source form plugin for Craft CMS by Verbb. A cross-site scripting vulnerability exists in Formie for Craft CMS versions prior to 2.1.44 that stems from not properly escaping output when importing forms...

CVE-2020-9457

The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users with minimal privileges to import custom vulnerable forms and change form settings via classrmformsettingscontroller.php, resulting in privilege escalation...