Wordpress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting

Wordpress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting Exploit Title: Wordpress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting Date: 2020-02-18 Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson...

WordPress WP Forms 1.5.8.2 Cross Site Scripting

Exploit Title: Wordpress Plugin WPForms 1.5.9 - Persistent Cross-Site Scripting Date: 2020-02-18 Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisory:...

Wordpress WPForms 1.5.9 Plugin - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin WPForms 1.5.9 - Persistent Cross-Site Scripting Vendor Homepage: https://wpforms.com Vendor Changelog: https://wordpress.org/plugins/wpforms-lite/developers Exploit Author: Jinson Varghese Behanan Author Advisor...

CVE-2020-10385

CVE-2020-10385 describes a stored cross-site scripting (XSS) vulnerability in the WordPress plugin WPForms Lite (wpforms-lite) before version 1.5.9. The root cause is insufficient validation/sanitization of user input in the Form Description and Field Description fields, enabling injected scripts...

CVE-2020-10385

A stored cross-site scripting XSS vulnerability exists in the WPForms Contact Form aka wpforms-lite plugin before 1.5.9 for WordPress...

PT-2020-12055 · Wpforms · Wpforms Contact Form

Name of the Vulnerable Software and Affected Versions: WPForms Contact Form plugin versions prior to 1.5.9 Description: A stored cross-site scripting XSS issue exists in the WPForms Contact Form plugin for WordPress. This allows for malicious scripts to be stored and executed on the site...

Contact Form by WPForms < 1.5.9 - Authenticated Cross-Site Scripting (XSS)

The popular WordPress plugin, WPForms, was found to be vulnerable to Authenticated Cross-Site Scripting XSS. The Form Description and Field Description fields in the WPForms plugin’s Form Builder module was found to be vulnerable to stored XSS, as they did not sanitize user given input properly...

WordPress Contact Form by WPForms plugin <= 1.5.8.2 - Authenticated Cross-Site Scripting (XSS) vulnerability

Authenticated Cross-Site Scripting XSS vulnerability discovered by Jinson Varghese Behanan in WordPress Contact Form by WPForms plugin versions = 1.5.8.2. Solution Update the WordPress Contact Form by WPForms plugin to the latest available version at least 1.5.9...

Contact Form by WPForms < 1.4.8.1 - Unauthenticated Cross-Site Scripting (XSS)

RIPS Technologies identified an Unauthenticated Cross-Site Scripting XSS vulnerability within the WPForms WordPress plugin during their WordPress Security Calendar 2018 research. The date parameter was embedded within JavaScript code without any validation or encoding...

WordPress Contact Form by WPForms plugin <= 1.4.8 - Unauthenticated Cross-Site Scripting (XSS) vulnerability

Unauthenticated Cross-Site Scripting XSS vulnerability found by RIPS Technologies in WordPress Contact Form by WPForms plugin versions = 1.4.8. Solution Update the WordPress Contact Form by WPForms plugin to the latest available version at least 1.4.8.1...

WordPress WP Mail SMTP by WPForms plugin <= 1.3.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability found by RIPS Technologies in WordPress WP Mail SMTP by WPForms plugin versions = 1.3.3. Solution Update the WordPress WP Mail SMTP by WPForms plugin to the latest available version at least 1.4.0...

WordPress Contact Form by WPForms plugin <= 1.4.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability found by RIPS Technologies in WordPress Contact Form by WPForms plugin versions = 1.4.7. Solution Update the WordPress Contact Form by WPForms plugin to the latest available versions at least 1.4.8...

Contact Form by WPForms < 1.4.8 - Authenticated Stored Cross-Site Scripting (XSS)

The Contact Form by WPForms – Drag & Drop Form Builder for WordPress WordPress plugin was affected by an Authenticated Stored Cross-Site Scripting XSS security vulnerability...

WP Mail SMTP by WPForms <= 1.3.3 - Authenticated Stored Cross-Site Scripting (XSS)

The WP Mail SMTP by WPForms WordPress plugin was affected by an Authenticated Stored Cross-Site Scripting XSS security vulnerability...