cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-13603,https://securityvulnerability.io/vulnerability/CVE-2024-13603,Stored Cross-Site Scripting Vulnerability in Wise Forms WordPress Plugin,"The Wise Forms plugin for WordPress, up to version 1.2.0, contains a vulnerability that fails to properly sanitize and escape certain settings. This oversight allows unauthenticated users to exploit the plugin through crafted form submissions, leading to potential Stored Cross-Site Scripting (XSS) attacks. Malicious actors could insert harmful scripts, which may be executed in the context of unsuspecting users, compromising their data and the overall security of the website.",WordPress,Wise Forms,6.1,MEDIUM,0.0004299999854993075,false,,false,false,true,2025-02-17T06:00:01.000Z,true,false,false,,2025-02-17T06:00:01.478Z,0
CVE-2021-38335,https://securityvulnerability.io/vulnerability/CVE-2021-38335,Wise Agent Capture Forms <= 1.0 Reflected Cross-Site Scripting,"The Wise Agent Capture Forms WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER[""PHP_SELF""] value in the ~/WiseAgentCaptureForm.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.",Wordpress,Wise Agent Capture Forms,6.1,MEDIUM,0.0007399999885819852,false,,false,false,false,,,false,false,,2021-09-10T14:15:00.000Z,0