CVE-2025-24708
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
27/01/2025
Last modified:
27/01/2025
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CRM Perks WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms allows Reflected XSS. This issue affects WP Dynamics CRM for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms: from n/a through 1.1.6.
Impact
Base Score 3.x
7.10
Severity 3.x
HIGH