Description
Multi Step Form has a drag & drop enabled form builder for quick and intuitive creation of nice-looking multi step forms. Forms can be embedded on any page or post with shortcodes.
Classification
Type: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Proof of Concept
There are multiple stored and reflected XSS vulnerabilities in the fw_wizard_save action. The cause is unsanitized user input from the following parameters:
Exploiting this vulnerability requires authentication.
Locate the Multi Step Form, enter the payload and save. The values are passed via Ajax to http://localhost/word496/wp-admin/admin-ajax.php
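As an added illustration (not the plugin's own code), the unsafe handler pattern the advisory describes sits beside a hardened admin-ajax handler for the same action; the option names and the form_title/steps request parameters are hypothetical, since the advisory's parameter list is not reproduced on this page.

```php
<?php
// Added illustration, not code from the Multi Step Form plugin. Shows how an
// admin-ajax handler for an action such as fw_wizard_save should treat request
// data before storing it and before sending it back. Parameter names
// ('form_title', 'steps') and option names are hypothetical.

// Vulnerable pattern: raw request values are stored and reflected unchanged,
// which is what allows both stored and reflected XSS.
function example_fw_wizard_save_unsafe() {
    $title = $_POST['form_title'];                // stored as-is
    update_option( 'example_form_title', $title );
    echo $title;                                   // reflected as-is
    wp_die();
}

// Hardened pattern: capability check, nonce check, sanitize on input,
// escape at the point of output.
function example_fw_wizard_save_safe() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    check_ajax_referer( 'example_fw_wizard_nonce', 'nonce' );

    $title = isset( $_POST['form_title'] )
        ? sanitize_text_field( wp_unslash( $_POST['form_title'] ) )
        : '';
    $steps = ( isset( $_POST['steps'] ) && is_array( $_POST['steps'] ) )
        ? array_map( 'sanitize_text_field', wp_unslash( $_POST['steps'] ) )
        : array();

    update_option( 'example_form_title', $title );
    update_option( 'example_form_steps', $steps );

    // The response is JSON-encoded; any value later inserted into HTML must
    // still pass through esc_html()/esc_attr() where it is rendered.
    wp_send_json_success( array(
        'title' => esc_html( $title ),
        'steps' => array_map( 'esc_html', $steps ),
    ) );
}

// Hook name follows the action named in the advisory (wp_ajax_ + action).
add_action( 'wp_ajax_fw_wizard_save', 'example_fw_wizard_save_safe' );
```

Sanitizing on save addresses the stored variant and escaping on output addresses the reflected one; the nonce and capability checks limit who can reach the handler at all.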