CVE Published: 25/10/2021 |
CVE Updated: 03/08/2024 |
CVE Year: 2021 Source: WPScan |
Vendor: Unknown |
Product: Formidable Form Builder – Contact Form, Survey & Quiz Forms Plugin for WordPress Status : PUBLISHED
CVE-2021-24608 Description
The Formidable Form Builder – Contact Form, Survey & Quiz Forms Plugin for WordPress plugin before 5.0.07 does not sanitise and escape its Form\'s Labels, allowing high privileged users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed