CVE-2024-0427

State: PUBLISHED · Published: 2024-06-12 · Updated: 2024-08-01 · Assigner: WPScan

Description

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.4.1 does not properly escape user-controlled input when it is reflected in some of its AJAX actions.

CWE

(none)

Affected

Unknown / ARForms - Premium WordPress Form Builder Plugin — v=0 <6.4.1 [affected]

CVSS

(none)

References

https://wpscan.com/vulnerability/1806fef3-d774-46e0-aa48-7a101495f4eb/ exploit, vdb-entry, technical-description

Source

cvelistV5-main/cves/2024/0xxx/CVE-2024-0427.json