WordPress · Forms · CVE-2021-24505
**Name of the Vulnerable Software and Affected Versions**
Forms WordPress plugin versions prior to 1.12.3
**Description**
The issue is related to a lack of input sanitization, leading to Stored Cross-Site scripting problems. Specifically, it involves an Authenticated Stored Cross-Site Scripting (XSS) vulnerability within the Forms "Add new" field.
**Recommendations**
For versions prior to 1.12.3, update to version 1.12.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the "Add new" field in the Forms plugin until the update is applied.