12 matches found
CVE-2024-10883
The SimpleForm – Contact form made simple plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers t...
CVE-2024-10884
The SimpleForm Contact Form Submissions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.1.0. This makes it possible for unauthenticated attackers to...
CVE-2024-10883
The CVE-2024-10883 entry affects the WordPress plugin SimpleForm – Contact form made simple, all versions up to and including 2.2.0. The vulnerability is a Reflected Cross-Site Scripting (XSS) flaw caused by use of add_query_arg and remove_query_arg without proper escaping, enabling unauthenticat...
CVE-2024-10884 SimpleForm Contact Form Submissions <= 2.1.0 - Reflected Cross-Site Scripting
The SimpleForm Contact Form Submissions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.1.0. This makes it possible for unauthenticated attackers to...
CVE-2024-10884 SimpleForm Contact Form Submissions <= 2.1.0 - Reflected Cross-Site Scripting
The SimpleForm Contact Form Submissions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.1.0. This makes it possible for unauthenticated attackers to...
CVE-2024-10883 SimpleForm – Contact form made simple <= 2.2.0 - Reflected Cross-Site Scripting
The SimpleForm – Contact form made simple plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers t...
WordPress plugin SimpleForm Contact Form Submissions 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin SimpleForm Contact Form...
WordPress plugin SimpleForm 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin...
WordPress SimpleForm Contact Form Submissions plugin <= 2.1.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin SimpleForm Contact Form Submissions versions = 2.1.0...
WordPress SimpleForm plugin <= 2.2.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin SimpleForm versions = 2.2.0...
WordPress SimpleForm Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)
Software SimpleForm Type Plugin Vulnerable versions = 2.2.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10883 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c9428f96f6e1 Credits Peter Thaleikis Required...
WordPress SimpleForm Contact Form Submissions Plugin <= 2.1.0 is vulnerable to Cross Site Scripting (XSS)
Software SimpleForm Contact Form Submissions Type Plugin Vulnerable versions = 2.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10884 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1b7fe42353c4 Credits...