all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

Form Maker by 10Web < 1.15.26 - Admin+ Stored XSSThe Form Maker by 10Web Word...

Add to bookmarks
July 1, 2024, 6 a.m. |

CVE | THREATINT - NEW cve.threatint.com

The Form Maker by 10Web WordPress plugin before 1.15.26 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scriptin...

admin cross-site escape high plugin privilege settings word wordpress wordpress plugin

Visit resource

More from cve.threatint.com / CVE | THREATINT - NEW

Limited DoS due to permitting creating users with user-defined IDsMattermost ... 2 hours ago | cve.threatint.com
attacker defined dos fail +2
RemoteClusterFrame payloads are audit logged in fullMattermost versions 9.5.x... 2 hours ago | cve.threatint.com
access attacker audit audit logs +7
Creating posts with user-defined IDs permitted in CreatePost APIMattermost ve... 2 hours ago | cve.threatint.com
attacker defined fail ids +3
Timing attack during remote cluster token comparison when shared channels are... 2 hours ago | cve.threatint.com
attack cluster fail mattermost +4
Channel IDs of archived/restored channels leaked via webhook eventsMattermost... 2 hours ago | cve.threatint.com
attacker channel event events +6
Lack of permission check when updating the profile picture of a remote user (... 2 hours ago | cve.threatint.com
check connected fail mattermost +9
WP Lightbox 2 <= 3.0.6.6 - Authenticated (Contributor+) DOM-Based Stored Cros... 3 hours ago | cve.threatint.com
cross-site dom input parameter +4
Premium Addons for Elementor <= 4.10.35 - Authenticated (Contributor+) Stored... 3 hours ago | cve.threatint.com
cross-site plugin premium scripting +2
The Plus Addons for Elementor <= 5.6.1 - Authenticated (Contributor+) Stored ... 3 hours ago | cve.threatint.com
cross-site mega page plugin +6

Jobs in InfoSec / Cybersecurity

Find Talent

Senior Corporate & Commercial Counsel

@ Armis Security | North Carolina, United States
View on infosec-jobs.com

Senior Corporate & Commercial Counsel

@ Armis Security | Georgia, United States
View on infosec-jobs.com

Senior Corporate & Commercial Counsel

@ Armis Security | Boston, Massachusetts, United States
View on infosec-jobs.com

Senior Corporate & Commercial Counsel

@ Armis Security | Austin, Texas, United States
View on infosec-jobs.com

IP Network Engineer

@ Rogers Communications | Calgary, AB, CA
View on infosec-jobs.com

Global Product Manager

@ Vodafone | London, GB
View on infosec-jobs.com