PT-2025-2152 · WordPress · Frictionless

Name of the Vulnerable Software and Affected Versions: Frictionless plugin for WordPress versions up to, and including, 0.0.23 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the frictionless form shortcode. This allows...

WordPress Frictionless plugin <= 0.0.23 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zakaria in WordPress Plugin Frictionless versions = 0.0.23...