疑似Oday
The Caldera Forms WordPress plugin before 1.5.4 is affected by an cross-site scripting (XSS) vulnerability. Due to insufficient input sanitization and output escaping, attackers can inject arbitrary JavaScript via form submissions, which is then executed for users viewing entries or confirmations.
id: wp-caldera-forms-xss
info:
name: Caldera Forms <= 1.5.4 - Cross-Site Scripting
author: thea
...