Lucene search
Bob MatyasWPEX-ID:33A366D9-6C81-4957-A101-768487AAE735HistoryMay 17, 2024 - 12:00 a.m.
ArForms < 6.6 - Admin+ Stored XSS
2024-05-1700:00:00
Bob Matyas
14
arforms
stored cross-site scripting
poc
may 31 2024
users
update
admin+
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
1. Add or edit an existing form and in the Custom CSS, enter the payload:
`"p {color: red;}</style> <script>alert(2)</script><style>`
2. Save
3. Reload and see the XSSRelated
wpvulndb
wpvulndb
ArForms < 6.6 - Admin+ Stored XSS
2024-05-17 00:00:00
cvelist
cvelist
CVE-2024-4621 ArForms < 6.6 - Admin+ Stored XSS
2024-06-07 06:00:02
cve
cve
CVE-2024-4621
2024-06-07 06:15:11
nvd
nvd
CVE-2024-4621
2024-06-07 06:15:11
vulnrichment
vulnrichment
CVE-2024-4621 ArForms < 6.6 - Admin+ Stored XSS
2024-06-07 06:00:02
wordfence
wordfence
7.9 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for WPEX-ID:33A366D9-6C81-4957-A101-768487AAE735