6 matches found
PT-2025-21449 · WordPress · The Form Maker
Name of the Vulnerable Software and Affected Versions: The Form Maker by 10Web WordPress plugin versions prior to 1.15.33 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible even when the unfiltered html capability i...
PT-2025-16560 · WordPress · The Form Maker
Name of the Vulnerable Software and Affected Versions: The Form Maker by 10Web WordPress plugin versions prior to 1.15.32 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is...
PT-2025-1594 · 10Web · The Form Maker
Name of the Vulnerable Software and Affected Versions: The Form Maker by 10Web WordPress plugin versions prior to 1.15.31 Description: The issue allows high privilege users, such as admin, to perform Stored Cross-Site Scripting attacks even when the unfiltered html capability is disallowed, for...
PT-2024-39147 · 10Web · The Form Maker
Name of the Vulnerable Software and Affected Versions: The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress versions up to, and including, 1.15.27 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and...
PT-2024-37406 · 10Web · The Form Maker
Name of the Vulnerable Software and Affected Versions: The Form Maker by 10Web WordPress plugin versions prior to 1.15.26 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because some settings are not properly...
PT-2023-30146
Name of the Vulnerable Software and Affected Versions The Form Maker by 10Web WordPress plugin versions prior to 1.15.20 Description The issue allows unauthenticated users to create arbitrary files on the server from user input due to a lack of signature validation, potentially leading to remote...