-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Tue, Feb 05, 2019 at 04:19:16PM +0100, Tim Coen wrote:
> https://security-consulting.icu/blog/2019/02/wordpress-forminator-persistent-xss-blind-sql-injection/
Please use CVE-2019-9567 for XSS vulnerability and CVE-2019-9568 for
SQL-injection vuln
* Vulnerability: Unauthenticated Persistent XSS, Blind SQL Injection
* Affected Software:
[Forminator](https://wordpress.org/plugins/forminator/)
* Affected Version: 1.5.4
* Patched Version: 1.6
* CVE: not requested
* Risk: High
* Vendor Contacted: 11/25/2018
* Vendor Fix: 12/10/201
