CVE-2021-24505

The CVE-2021-24505 entry corresponds to a Stored XSS in the WordPress Forms plugin prior to v1.12.3, caused by the plugin failing to sanitise input in the Add New field. The vulnerability is authenticated (requires user login) and stored, with an attacker potentially injecting script that could e...