Zoho · Zoho Crm Lead Magnet Plugin · CVE-2019-19306
**Name of the Vulnerable Software and Affected Versions**
Zoho CRM Lead Magnet plugin version 1.6.9.1
**Description**
The issue allows for XSS attacks. This can be achieved via the `module`, `EditShortcode`, or `LayoutName`.
**Recommendations**
For Zoho CRM Lead Magnet plugin version 1.6.9.1, update to a newer version that contains a fix for this issue.