Medium severity5.4NVD Advisory· Published Sep 10, 2019· Updated Jun 17, 2026
CVE-2017-18600
CVE-2017-18600
Description
The formcraft3 plugin before 3.4 for WordPress has stored XSS via the "New Form > Heading > Heading Text" field.
Affected products
2- WordPress/formcraft3 plugindescription
Patches
Vulnerability mechanics
References
1- wpvulndb.com/vulnerabilities/8877nvdThird Party Advisory
News mentions
0No linked articles in our index yet.