The Form Store to DB WordPress plugin prior to 1.1.1 does not sanitise and escape parameter keys before outputting it back in the created entry, allowing unauthenticated malicious user to perform Cross-Site Scripting attacks against admin
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
accesspressthemes form store to db |