Unrated severityNVD Advisory· Published Oct 16, 2024· Updated Apr 8, 2026
Formidable Form Builder < 2.05.03 - Unauthenticated Stored Cross-Site Scripting
CVE-2017-20192
Description
The Formidable Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters submitted during form entries like 'after_html' in versions before 2.05.03 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <2.05.03
- strategy11team/Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builderv5Range: 0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.