Vulnerabilities > Westguardsolutions > WS Form > 1.9.218

DATE CVE VULNERABILITY TITLE RISK
2025-01-28 CVE-2024-13509 Cross-site Scripting vulnerability in Westguardsolutions WS Form
The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url parameter in all versions up to, and including, 1.10.13 due to insufficient input sanitization and output escaping.
network
low complexity
westguardsolutions CWE-79
6.1
6.1
2024-11-06 CVE-2024-10647 Cross-site Scripting vulnerability in Westguardsolutions WS Form
The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.9.244.
network
low complexity
westguardsolutions CWE-79
6.1
6.1