Lucene search
Ryan DewhurstWPVDB-ID:53BE39A1-AE37-4D9F-8EFD-AD2C6E0E5C0FHistoryOct 31, 2018 - 12:00 a.m.
Multi Step Form <= 1.2.5 - Cross-Site Scripting (XSS)
2018-10-3100:00:00
Ryan Dewhurst
wpscan.com
8
EPSS
0.001
Percentile
36.3%
The Multi Step Form WordPress plugin was affected by a Cross-Site Scripting (XSS) security vulnerability.
References
ansawaf.blogspot.com/2018/10/cve-2018-14846-multiple-stored-xss-in.html
cwatch.comodo.com/blog/website-security/vulnerability-found-in-multiple-stored-xss-form-in-wordpress-version-1-2-5/
github.com/mlooft/multi-step-form/commit/8a89f6deb888abb0ae679841ee96ee8332e5b5bc#diff-13d0709dedfe5ef22b22558c25b54ccf
plugins.trac.wordpress.org/changeset?key5sk1=ed7e8ad919a00da1183b66e366c46367fc4cc26e&sfp_email=&sfph_mail=&reponame=&new=1919415%40multi-step-form&old=1917502%40multi-step-form
Related
prion
prion
Cross site scripting
2018-12-20 23:29:00
nvd
nvd
CVE-2018-14846
2018-12-20 23:29:00
cvelist
cvelist
CVE-2018-14846
2018-12-20 22:00:00
cve
cve
CVE-2018-14846
2018-12-20 23:29:00
openvas
openvas
WordPress Multi Step Form Plugin < 1.2.6 Multiple XSS Vulnerabilities
2019-02-18 00:00:00