CVE-2017-18600

Name of the Vulnerable Software and Affected Versions formcraft3 plugin versions prior to 3.4 for WordPress

Description The issue is related to stored XSS, which occurs via the "New Form > Heading > Heading Text" field. This allows for malicious input to be stored and executed, potentially leading to security breaches.

Recommendations For formcraft3 plugin versions prior to 3.4, update to version 3.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the "New Form > Heading > Heading Text" field until the update is applied.