5.6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
14.2%
Description The plugin does not validate and escape the ‘id’ parameter, allowing users with the contributor role and above perform Stored XSS attacks
patchstack.com/database/vulnerability/formzu-wp/wordpress-formzu-wp-plugin-1-6-6-cross-site-scripting-xss-vulnerability