Share
## https://sploitus.com/exploit?id=09C7FF06-E964-594B-8C1E-1C5B876ED985
# CVE-2017-20192 โ Formidable Forms (WordPress) โ Vulnerable Docker Lab
Reproducible Docker lab for **CVE-2017-20192** (Formidable Forms < 2.05.03 stored XSS).
## Quickstart
```bash
docker compose up -d --build
```
Target:
- `http://127.0.0.1:18080`
## Validate (lab helper)
This helper script:
- submits a crafted entry **unauthenticated**
- logs in as WordPress admin
- fetches the Formidable **admin entry view** and checks for the stored marker
```bash
bash ./scripts/poc.sh
```
## Stop / Cleanup
```bash
docker compose down -v
```