31 matches found
CVE-2023-50891
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Forms Form plugin for WordPress – Zoho Forms allows Stored XSS.This issue affects Form plugin for WordPress – Zoho Forms: from n/a through 3.0.1...
EUVD-2023-55624
Malicious code in bioql PyPI...
EUVD-2023-12258
Malicious code in bioql PyPI...
EUVD-2024-42558
Malicious code in bioql PyPI...
CVE-2024-47633
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Forms Zoho Forms zoho-forms allows Stored XSS.This issue affects Zoho Forms: from n/a through = 4.0...
CVE-2023-0169
The Zoho Forms WordPress plugin before 3.0.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-47633
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Forms Zoho Forms zoho-forms allows Stored XSS.This issue affects Zoho Forms: from n/a through = 4.0...
CVE-2024-47633 WordPress Zoho forms plugin <= 4.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Forms Zoho Forms zoho-forms allows Stored XSS.This issue affects Zoho Forms: from n/a through = 4.0...
CVE-2024-47633
CVE-2024-47633 refers to a stored XSS in the WordPress Zoho Forms plugin (versions ≤ 4.0) due to improper input neutralization during web page generation. The vulnerability can be triggered by user-provided input that is not properly sanitized, leading to cross-site scripting in affected pages. T...
CVE-2024-47633 WordPress Zoho forms plugin <= 4.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Zoho Forms allows Stored XSS.This issue affects Zoho Forms: from n/a through 4.0...
PT-2024-32691 · Zoho · Zoho Forms
Name of the Vulnerable Software and Affected Versions: Zoho Forms versions prior to 4.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS in Zoho Forms. Recommendations: For versions...
WordPress plugin Zoho Forms 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Zoho forms plugin <= 4.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Zoho Forms versions = 4.0...
WordPress Zoho Forms Plugin <= 4.0 is vulnerable to Cross Site Scripting (XSS)
Software Zoho Forms Type Plugin Vulnerable versions = 4.0 Fixed in 4.0.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47633 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID cd73af6a9904 Credits Trương Hữu Phúc truonghuuphuc Required...
Zoho Forms < 3.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description The Zoho Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including 3.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2023-50891
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Forms Form plugin for WordPress – Zoho Forms allows Stored XSS.This issue affects Form plugin for WordPress – Zoho Forms: from n/a through 3.0.1...
CVE-2023-50891
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Forms Form plugin for WordPress – Zoho Forms allows Stored XSS.This issue affects Form plugin for WordPress – Zoho Forms: from n/a through 3.0.1...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Forms Form plugin for WordPress – Zoho Forms allows Stored XSS.This issue affects Form plugin for WordPress – Zoho Forms: from n/a through 3.0.1...
CVE-2023-50891 WordPress Zoho Forms Plugin <= 3.0.1 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zoho Forms Form plugin for WordPress – Zoho Forms allows Stored XSS.This issue affects Form plugin for WordPress – Zoho Forms: from n/a through 3.0.1...
CVE-2023-50891
CVE-2023-50891 affects the WordPress Form plugin Zoho Forms (Zoho Forms) for WordPress, up to version 3.0.1. The issue arises from improper input neutralization during web page generation, enabling Stored Cross-Site Scripting (XSS) via shortcode, exploitable by authenticated users (Contributor+)....