Cross Site Scripting (XSS) vulnerability | WordPress.org

Trevis
(@treviscarletta)

2 years, 4 months ago

Patchstack has published a high-severity vulnerability that has been discovered with HappyForms: https://patchstack.com/database/vulnerability/happyforms/wordpress-happyforms-plugin-1-25-9-reflected-cross-site-scripting-xss-vulnerability?_a_id=431

It appears any non-authenticated user can exploit this and it “allows a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.”

Is there a timetable as to when the plugin will be patched?

Viewing 1 replies (of 1 total)

YogieAnamCara
(@yogieanamcara)

2 years, 3 months ago

Any updates on this?

Viewing 1 replies (of 1 total)

The topic ‘Cross Site Scripting (XSS) vulnerability’ is closed to new replies.

1 reply
2 participants
Last reply from: YogieAnamCara
Last activity: 2 years, 3 months ago
Status: not resolved