VYPR
Medium severity5.4NVD Advisory· Published Sep 10, 2019· Updated Jun 17, 2026

CVE-2017-18600

CVE-2017-18600

Description

The formcraft3 plugin before 3.4 for WordPress has stored XSS via the "New Form > Heading > Heading Text" field.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.