Lucene search
Jinson Varghese BehananWPVDB-ID:0D5C51D8-A834-4680-9939-B6D37FD3D237HistoryMar 05, 2020 - 12:00 a.m.
Contact Form by WPForms < 1.5.9 - Authenticated Cross-Site Scripting (XSS)
2020-03-0500:00:00
Jinson Varghese Behanan
wpscan.com
11
EPSS
0.006
Percentile
77.9%
The popular WordPress plugin, WPForms, was found to be vulnerable to Authenticated Cross-Site Scripting (XSS). The Form Description and Field Description fields in the WPForms plugin’s Form Builder module was found to be vulnerable to stored XSS, as they did not sanitize user given input properly.
Related
checkpoint_advisories
checkpoint_advisories
Wordpress WPForms Plugin Cross-Site Scripting (CVE-2020-10385)
2020-03-31 00:00:00
packetstorm
packetstorm
WordPress WPForms 1.5.9 Cross Site Scripting
2020-03-24 00:00:00
WordPress WP Forms 1.5.8.2 Cross Site Scripting
2020-03-24 00:00:00
patchstack
patchstack
cve
cve
CVE-2020-10385
2020-03-24 16:15:12
prion
prion
Cross site scripting
2020-03-24 16:15:00
openvas
openvas
WordPress WPForms Contact Form Plugin < 1.5.9 XSS Vulnerability
2020-03-26 00:00:00
nvd
nvd
CVE-2020-10385
2020-03-24 16:15:12
exploitpack
exploitpack
Wordpress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting
2020-03-24 00:00:00
cvelist
cvelist
CVE-2020-10385
2020-03-11 04:07:16
exploitdb
exploitdb
WordPress Plugin WPForms 1.5.8.2 - Persistent Cross-Site Scripting
2020-03-24 00:00:00
zdt
zdt