WordPress Wise Forms plugin <= 1.2.0 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by Steven Pereira aka Cursed && Muktanand Kale aka Muktimantras in WordPress Plugin Wise Forms versions = 1.2.0...

CVE-2024-13603

The Wise Forms WordPress plugin through 1.2.0 does not sanitise and escape some of its settings, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks via malicious form submissions...

CVE-2024-13603

CVE-2024-13603 affects the Wise Forms WordPress plugin (versions

CVE-2024-13603 Wise Forms <= 1.2.0 - Unauthenticated Stored XSS

The Wise Forms WordPress plugin through 1.2.0 does not sanitise and escape some of its settings, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks via malicious form submissions...

PT-2025-6580 · WordPress · Wise Forms

Name of the Vulnerable Software and Affected Versions: Wise Forms WordPress plugin version 1.2.0 Description: The issue allows unauthenticated users to perform Stored Cross-Site Scripting attacks via malicious form submissions because the plugin does not sanitise and escape some of its settings...

WordPress plugin Wise Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...