exploitDog

CVE-2025-24708

Опубликовано: 27 янв. 2025

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms allows Reflected XSS. This issue affects WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through 1.1.6.

Ссылки

https://patchstack.com/database/wordpress/plugin/cf7-dynamics-crm/vulnerability/wordpress-wp-dynamics-crm-plugin-1-1-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve

EPSS

Процентиль: 27%

0.00094

Низкий

7.1 High

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-h82v-8v2q-882m

CVSS3: 7.1

github

около 1 года назад

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms allows Reflected XSS. This issue affects WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through 1.1.6.

EPSS

Процентиль: 27%

0.00094

Низкий

7.1 High

CVSS3

Дефекты

CWE-79