CVE-2021-24596 in youForms Plugininformación

Resumen

por MITRE • 2021-09-20

The youForms for WordPress plugin through 1.0.5 does not sanitise escape the Button Text field of its Templates, allowing high privilege users (editors and admins) to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservar

2021-01-14

Divulgación

2021-09-20

Moderación

aceptado

Artículo

VDB-182928

CPE

listo

EPSS

0.02666

KEV

no

Actividades

muy bajo

Fuentes

Do you need the next level of professionalism?

Upgrade your account now!