CVE-2024-13603 Information

Description

The Wise Forms WordPress plugin through 1.2.0 does not sanitise and escape some of its settings which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks via malicious form submissions.

Reference

https://wpscan.com/vulnerability/234a8d22-e6c6-4819-9ac0-434a96b3462d/