WordPress weForms plugin <= 1.6.27 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Hidden Field Value via REST API vulnerability
Authenticated Subscriber+ Stored Cross-Site Scripting via Hidden Field Value via REST API vulnerability discovered by Muhammad Sharief in WordPress Plugin weForms versions = 1.6.27...