Vulnerabilities

CVE-2021-24967

by Fred · 27/12/2021

The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.6.4 does not sanitise and escape some lead values, which could allow unauthenticated users to perform Cross-Site Scripting attacks against logged in admin viewing the inserted Leads

Date published : 2021-12-27

https://wpscan.com/vulnerability/4e165122-4746-42de-952e-a3bf51393a74

Similar

Tags: Cybersecurity Alert