The MW WP Form plugin for WordPress is at risk of being hacked through Stored Cross-Site Scripting. This is because it doesn’t properly clean and protect the information that is put in and taken out. As a result, people who are logged in and have editing permissions can add harmful code to pages that will be activated whenever someone visits those pages.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
