CVE-2023-6830
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Published Jan 9, 2024
Updated: Jan 16, 2024
CWE ID 79
Summary
CVE-2023-6830 is a vulnerability affecting the Formidable Forms plugin for WordPress. This issue, present in versions up to 6.7, enables unauthenticated users to inject malicious HTML code into form fields. When an administrator views the form data in the Entries View Page, the injected HTML code is rendered, posing a threat of admin area defacement or redirection to malicious websites. This vulnerability can potentially compromise the security of WordPress sites using the Formidable Forms plugin.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share