Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 10Web Form Builder Team Form Maker by 10Web β Mobile-Friendly Drag & Drop Contact Form Builder plugin <= 1.15.18 versions.
7.1CVSS
6AI Score
0.001EPSS
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in 10Web Form Builder Team Form Maker by 10Web β Mobile-Friendly Drag & Drop Contact Form Builder plugin <= 1.15.18 versions.
7.1CVSS
5.7AI Score
0.001EPSS
The Form Maker by 10Web WordPress plugin before 1.15.20 does not validate signatures when creating them on the server from user input, allowing unauthenticated users to create arbitrary files and lead to RCE
9.8CVSS
9.5AI Score
0.002EPSS