Crmperks - Crm Perks Forms CVE - OpenCVE

Filtered by vendor Crmperks Subscriptions

Filtered by product Crm Perks Forms Subscriptions

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-51536	1 Crmperks	1 Crm Perks Forms	2024-02-07	4.8 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks CRM Perks Forms – WordPress Form Builder allows Stored XSS.This issue affects CRM Perks Forms – WordPress Form Builder: from n/a through 1.1.2.
CVE-2023-2836	1 Crmperks	1 Crm Perks Forms	2023-11-07	4.8 Medium
The CRM Perks Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form settings in versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
CVE-2022-38467	1 Crmperks	1 Crm Perks Forms	2023-11-07	6.1 Medium
Reflected Cross-Site Scripting (XSS) vulnerability in CRM Perks Forms – WordPress Form Builder <= 1.1.0 ver.

Page 1 of 1.