cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-2542,https://securityvulnerability.io/vulnerability/CVE-2024-2542,Stored Cross-Site Scripting in Jotform Online Forms Plugin for WordPress,"The Jotform Online Forms plugin for WordPress has a vulnerability that allows authenticated attackers, with contributor-level access and above, to exploit insufficient input sanitization and output escaping. Through the plugin's shortcodes, these attackers can inject arbitrary scripts, which will execute whenever a user visits an affected page. This scenario highlights the critical need for adequate security measures in managing user-provided attributes.",Wordpress,"Jotform Online Forms – Drag & Drop Form Builder, Securely Embed Contact Forms",6.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-05-02T16:52:24.636Z,0