WordPress WP Forms 1.6.3.1 Cross SIte Scripting

Exploit Title : Wordpress Plugin WPForms 1.6.3.1 - Persistent Cross Site Scripting Authenticated Exploit Author : ZwX Exploit Date : 2020-10-23 Vendor Homepage : https://wpforms.com/ Download Plugin : https://downloads.wordpress.org/plugin/wpforms-lite.1.6.3.1.zip + Description Vulnerability:...

Wordpress Plugin WPForms 1.6.3.1 - Persistent Cross Site Scripting (Authenticated)

Exploit Title : Wordpress Plugin WPForms 1.6.3.1 - Persistent Cross Site Scripting Authenticated Exploit Author : ZwX Exploit Date : 2020-10-23 Vendor Homepage : https://wpforms.com/ Download Plugin : https://downloads.wordpress.org/plugin/wpforms-lite.1.6.3.1.zip + Description Vulnerability:...

WordPress Contact Form by WPForms plugin <= 1.6.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Fortinet in WordPress Contact Form by WPForms plugin versions = 1.6.0.1. Solution Update the WordPress Contact Form by WPForms plugin to the latest available version at least 1.6.0.2...

Contact Form by WPForms < 1.6.0.2 - Authenticated Stored Cross-Site Scripting (XSS)

Vishnupriya Ilango from Fortinet's FortiGuard Labs discovered an authenticated stored Cross-Site Scripting issue via the choice label parameter inside the form builder that interacts with live preview...

Wordpress WPForms Plugin Cross-Site Scripting (CVE-2020-10385)

A cross-site scripting vulnerability exists in Wordpress WPForms plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

WordPress WPForms Contact Form Plugin < 1.5.9 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.113660";...

WordPress WPForms Contact Form Plugin Cross-Site Scripting Vulnerability

WordPress is a set of blogging platform developed by WordPress Foundation using PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WPForms Contact Form is one of the contact form builder plugins. A cross-site scripting vulnerability exists in WordPres...

CVE-2020-10385

A stored cross-site scripting XSS vulnerability exists in the WPForms Contact Form aka wpforms-lite plugin before 1.5.9 for WordPress...

CVE-2020-10385

A stored cross-site scripting XSS vulnerability exists in the WPForms Contact Form aka wpforms-lite plugin before 1.5.9 for WordPress...

Cross site scripting

A stored cross-site scripting XSS vulnerability exists in the WPForms Contact Form aka wpforms-lite plugin before 1.5.9 for WordPress...

WordPress WPForms 1.5.9 Cross Site Scripting

Exploit Title: Wordpress Plugin WPForms 1.5.9 - Persistent Cross-Site Scripting Date: 2020-02-18 Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisory:...

Wordpress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting

Wordpress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting Exploit Title: Wordpress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting Date: 2020-02-18 Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson...

WordPress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting

Exploit Title: Wordpress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting Date: 2020-02-18 Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisory:...

WordPress WP Forms 1.5.8.2 Cross Site Scripting

Exploit Title: Wordpress Plugin WPForms 1.5.9 - Persistent Cross-Site Scripting Date: 2020-02-18 Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisory:...

Wordpress WPForms 1.5.9 Plugin - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin WPForms 1.5.9 - Persistent Cross-Site Scripting Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisor...

CVE-2020-10385

CVE-2020-10385 describes a stored cross-site scripting (XSS) vulnerability in the WordPress plugin WPForms Lite (wpforms-lite) before version 1.5.9. The root cause is insufficient validation/sanitization of user input in the Form Description and Field Description fields, enabling injected scripts...

CVE-2020-10385

A stored cross-site scripting XSS vulnerability exists in the WPForms Contact Form aka wpforms-lite plugin before 1.5.9 for WordPress...

PT-2020-12055 · Wpforms · Wpforms Contact Form

Name of the Vulnerable Software and Affected Versions: WPForms Contact Form plugin versions prior to 1.5.9 Description: A stored cross-site scripting XSS issue exists in the WPForms Contact Form plugin for WordPress. This allows for malicious scripts to be stored and executed on the site...

Contact Form by WPForms < 1.5.9 - Authenticated Cross-Site Scripting (XSS)

The popular WordPress plugin, WPForms, was found to be vulnerable to Authenticated Cross-Site Scripting XSS. The Form Description and Field Description fields in the WPForms plugin’s Form Builder module was found to be vulnerable to stored XSS, as they did not sanitize user given input properly...

WordPress Contact Form by WPForms plugin <= 1.5.8.2 - Authenticated Cross-Site Scripting (XSS) vulnerability

Authenticated Cross-Site Scripting XSS vulnerability discovered by Jinson Varghese Behanan in WordPress Contact Form by WPForms plugin versions = 1.5.8.2. Solution Update the WordPress Contact Form by WPForms plugin to the latest available version at least 1.5.9...