The Responsive Contact Form Builder... CVE-2024-3637

- AV AC AU C I A
发布: 2024-05-03
修订: 2025-03-20

The Responsive Contact Form Builder & Lead Generation Plugin WordPress plugin through 1.8.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

0%
暂无可用Exp或PoC
当前有0条受影响产品信息