cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-4367,https://securityvulnerability.io/vulnerability/CVE-2021-4367,Stored Cross-Site Scripting Vulnerability in Flo Forms Plugin for WordPress,"The Flo Forms – Easy Drag & Drop Form Builder plugin for WordPress allows authenticated attackers, including subscribers, to exploit stored Cross-Site Scripting due to inadequate input sanitization and output escaping. By leveraging the flo_import_forms_options AJAX action, attackers can inject malicious scripts into pages that execute when users access the tainted pages, potentially compromising user data and enabling further exploitation.",Wordpress,Flo Forms – Easy Drag & Drop Form Builder,6.4,MEDIUM,0.0008900000248104334,false,,false,false,false,,false,false,2023-06-07T01:51:35.326Z,0