cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-10646,https://securityvulnerability.io/vulnerability/CVE-2024-10646,Stored Cross-Site Scripting Vulnerability in Contact Form Plugin,"The Contact Form Plugin by Fluent Forms for the Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is affected by a vulnerability that allows stored cross-site scripting. This issue arises from inadequate input sanitization and output escaping in the form's subject parameter. Unsanctioned attackers can exploit this vulnerability to inject arbitrary web scripts into pages, leading to the execution of these scripts whenever a user accesses an affected page. This poses a significant risk to the security and integrity of WordPress sites using this plugin.",Wordpress,"Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder",7.2,HIGH,0.0005200000014156103,false,,false,false,false,,false,false,2024-12-14T05:34:14.007Z,0