Lucene search
WpvulndbWPVDB-ID:95AE5ADC-EC77-44D2-A1BB-27F1FEC5CC19HistoryFeb 06, 2024 - 12:00 a.m.
MW WP Form < 5.1.0 - Editor+ Stored XSS
2024-02-0600:00:00
wpscan.com
10
vulnerability
stored xss
input sanitization
output escaping
authenticated attackers
web scripts
mw wp form
Description The plugin is vulnerable to Stored Cross-Site Scripting in versions up to due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Related
cvelist
cvelist
vulnrichment
vulnrichment
nvd
nvd
CVE-2024-24804
2024-02-10 08:15:08
prion
prion
Cross site scripting
2024-02-10 08:15:00
cve
cve
CVE-2024-24804
2024-02-10 08:15:08
openvas
openvas
WordPress MW WP Form Plugin <= 5.0.6 XSS Vulnerability
2024-04-23 00:00:00
wordfence
wordfence
AI Score
5.3
Confidence
High
EPSS
0
Percentile
14.0%
Related for WPVDB-ID:95AE5ADC-EC77-44D2-A1BB-27F1FEC5CC19