Fetchdesigns: >> Sign-Up Sheets >> 2.2.1 Security Vulnerabilities
The Sign-up Sheets WordPress plugin before 2.2.13 does not escape some generated URLs, as well as the $_SERVER['REQUEST_URI'] parameter before outputting them back in attributes, which could lead to Reflected Cross-Site Scripting.
CVSS Score
6.1
EPSS Score
0.001
Published
2024-09-04
Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign-up Sheets plugin <= 2.2.8 versions.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-10-03