Nixpkgs Security Tracker

Untriaged

Permalink CVE-2025-23592

created 5 months ago

WordPress dForms plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound dForms allows Reflected XSS. This issue affects dForms: from n/a through 1.0.

Affected products

dforms

=<1.0

Matching in nixpkgs

pkgs.python312Packages.permissionedforms

Django extension for creating forms that vary according to user permissions

nixos-unstable -
- nixpkgs-unstable 0.1

pkgs.python313Packages.permissionedforms