Primary

Context

Fetch Designs WordPress Sign-up Sheets Code Injection Vulnerability

Vulnerability

Patched

A code injection vulnerability has been identified in the Fetch Designs WordPress Sign-up Sheets plugin, affecting versions through 2.3.0.1. This vulnerability allows for improper control over the generation of code, enabling malicious actors to inject their own content into pages and posts. Such an injection could be exploited to introduce phishing pages or other harmful content into the website.

Impact

Exploitation of this vulnerability allows for content injection, where injected content could be used to create phishing pages or otherwise manipulate the site's content in a harmful way.

Remediation

Users of the Fetch Designs WordPress Sign-up Sheets plugin should update to version 2.3.1 or later. Patchstack users can enable auto-updates for vulnerable plugins.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

1.3

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

1.3

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Fetch Designs WordPress Sign-up Sheets Code Injection Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Fetch Designs Sign-up Sheets

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating