Unrated severityNVD Advisory· Published Oct 25, 2021· Updated Aug 3, 2024
Formidable Form Builder < 5.0.07 - Admin+ Stored Cross-Site Scripting
CVE-2021-24608
Description
The Formidable Form Builder – Contact Form, Survey & Quiz Forms Plugin for WordPress plugin before 5.0.07 does not sanitise and escape its Form's Labels, allowing high privileged users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Formidable Form Builder – Contact Form, Survey & Quiz Forms Plugin for WordPressdescription
- Range: <5.0.07
Patches
Vulnerability mechanics
References
2- plugins.trac.wordpress.org/changeset/2609911mitrex_refsource_CONFIRM
- wpscan.com/vulnerability/75305ea8-730b-4caf-a3c6-cb94adee683cmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.