Vulnerabilities > Pieforms > Drag Drop Builder > 1.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-08 | CVE-2022-1569 | Cross-site Scripting vulnerability in Pieforms Drag & Drop Builder The Drag & Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications & more! WordPress plugin before 1.4.9.4 does not sanitise and escape some of its form fields, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed | 3.5 |