The Formzu plugin for WordPress had an issue that could put it at risk of malicious attack. In versions of the plugin up to and including 1.6.6, the “id” parameter did not have enough protection against malicious input. This issue allowed people with a certain level of access to inject malicious web scripts into pages that would run every time someone visited the page.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
