CVE-2024-10056 | Contact Form Builder Plugin up to 4.10.4 on WordPress Shortcode livesite-pay cross site scripting

Posted by Angelo Barbosa | Dec 5, 2024 | CVE

A vulnerability classified as problematic was found in Contact Form Builder Plugin up to 4.10.4 on WordPress. Affected by this vulnerability is the function livesite-pay of the component Shortcode Handler. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2024-10056. The attack can be launched remotely. There is no exploit available.

CVE-2024-10056 | Contact Form Builder Plugin up to 4.10.4 on WordPress Shortcode livesite-pay cross site scripting

Related Posts

CVE-2024-34402 | uriparser up to 0.9.7 UriQuery.c ComposeQueryEngine integer overflow (ID 183)

CVE-2021-46910 | Linux Kernel up to 5.11.15 mm kmap_local null pointer dereference (5965ac11b1d5/d624833f5984)

CVE-2024-12578 | Tickera Plugin up to 3.5.4.8 on WordPress tickera_tickets_info information disclosure

CVE-2023-48667 | Dell PowerProtect DD os command injection (dsa-2023-412)