Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-24700

Disclosure Date: November 23, 2021 (last updated February 23, 2025)
The Forminator WordPress plugin before 1.15.4 does not sanitize and escape the email field label, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0