CVE & Vulnerability

CVE-2024-7052 - Forminator Forms Stored Cross-Site Scripting Vulnerability

CVE ID : CVE-2024-7052 Published : Feb. 14, 2025, 6:15 a.m. | 2 hours, 29 minutes ago Description : The Forminator Forms WordPress plugin before 1.38.3 does not sanitise and escape some of its settings, which could allow high privilege users such as Admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

AutorAutor
Feb 14, 2025 - 09:45
 0  0
CVE-2024-7052 - Forminator Forms Stored Cross-Site Scripting Vulnerability
CVE ID : CVE-2024-7052
Published : Feb. 14, 2025, 6:15 a.m. | 2 hours, 29 minutes ago
Description : The Forminator Forms WordPress plugin before 1.38.3 does not sanitise and escape some of its settings, which could allow high privilege users such as Admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read More

Tags:

Vorheriger Artikel

CVE-2024-13692 - WooCommerce Return Refund and Exchange Plugin Insecure Direct O...

Nächster Artikel

CVE-2024-13493 - Sensly Online Presence Stored Cross-Site Scripting Vulnerability

Autor
Autor

Verwandte Beiträge

CVE-2025-0840 - GNU Binutils Stack-Based Buffer Overflow Vulnerability

CVE-2025-0840 - GNU Binutils Stack-Based Buffer Overflo...

Autor Jan 29, 2025  0  0

CVE-2024-55218 - IceWarp Server XSS Vulnerability

CVE-2024-55218 - IceWarp Server XSS Vulnerability

Autor Jan 7, 2025  0  0

CVE-2024-42031 - Citrix Settings Unvalidated Permissions Disclosure

CVE-2024-42031 - Citrix Settings Unvalidated Permission...

Autor Aug 8, 2024  0  2