CVE-2025-13159 | Flo Forms Plugin up to 1.0.43 on WordPress AJAX Endpoint flo_form_submit cross site scripting

A vulnerability described as problematic has been identified in Flo Forms Plugin up to 1.0.43 on WordPress. This affects the function flo_form_submit of the component AJAX Endpoint. Such manipulation leads to cross site scripting.

This vulnerability is referenced as CVE-2025-13159. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More