Vulnerability
FluentForms <= 4.3.22 Stored XSS via Custom HTML fields
Description
The plugin does not properly sanitize and escape the srcdoc attribute in iframes in it’s custom HTML field type, allowing a logged in user with roles as low as contributor to inject arbitrary javascript into a form which will trigger for any visitor to the form or admins previewing or editing the form.
CVE-ID
CVE-2023-0546
Vendor
WPManageNinja LLC
Product
Contact Form Plugin
Disclosure Timeline
Reported On: 24-01-23
Made Public On: 20-03-2023
Fixed On: 15-03-2023
Credits
Vaibhav Rajput