2 matches found
CVE-2023-49160
CVE-2023-49160 is a stored XSS vulnerability in the WordPress Formzu WP plugin (Formzu WP) affecting versions 1.6.6 and earlier. The issue stems from improper neutralization of input during web page generation, enabling stored cross-site scripting. Red Hat and Patchstack corroborate the vulnerabi...
CVE-2024-22310
CVE-2024-22310 affects Formzu WP (WordPress plugin) up to version 1.6.7 and is caused by improper neutralization of input during web page generation, enabling Stored XSS. The vulnerability targets the plugin’s handling of user-supplied input in the WordPress pages, leading to cross-site scripting...