Vendor
The Form Vibes - Database Manager for Forms plugin for WordPress, including all versions up to and including 1.5.2, is vulnerable to Stored Cross-Site Scripting (XSS) due to insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts into pages that execute when a user accesses an injected page.