VYPR
Unrated severityNVD Advisory· Published Oct 25, 2021· Updated Aug 3, 2024

Formidable Form Builder < 5.0.07 - Admin+ Stored Cross-Site Scripting

CVE-2021-24608

Description

The Formidable Form Builder – Contact Form, Survey & Quiz Forms Plugin for WordPress plugin before 5.0.07 does not sanitise and escape its Form's Labels, allowing high privileged users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.