Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder, 77b9452b-41f3-4ba4-a84a-e49df0113f92

CVE, Research URL: 77b9452b-41f3-4ba4-a84a-e49df0113f92
Home page URL: Security reports for Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder
Application: Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder
Published on: -
Research Description: Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder [form-maker] < 1.13.40 Form Maker by 10Web < 1.13.40 - Authenticated Reflected XSS The 'Form Maker by 10Web' WordPress plugin is vulnerable to XSS in the 'blocked_ips_fm' page. A logged-in site administrator who follows a crafted link will trigger arbitrary JavaScript code to be run in their browser in the context of their privileged account on the WordPress site.
Affected versions: max 1.13.40.
Status: vulnerable

Form Maker by 10Web &#8211; Mobile-Friendly Drag &amp; Drop Contact Form Builder, 77b9452b-41f3-4ba4-a84a-e49df0113f92