WordPress Gravity Forms <= 22.214.171.124 - Authenticated Reflected XSS
- Gravity Forms
- Because of this vulnerability, the software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to users.
- Update the plugin.
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
- Name CVE-N/A
Fixed In 1.9.16
- Disclosure date
- Henri Salo