Share
## https://sploitus.com/exploit?id=09C7FF06-E964-594B-8C1E-1C5B876ED985
# CVE-2017-20192 โ€” Formidable Forms (WordPress) โ€” Vulnerable Docker Lab

Reproducible Docker lab for **CVE-2017-20192** (Formidable Forms < 2.05.03 stored XSS).

## Quickstart

```bash
docker compose up -d --build
```

Target:
- `http://127.0.0.1:18080`

## Validate (lab helper)

This helper script:
- submits a crafted entry **unauthenticated**
- logs in as WordPress admin
- fetches the Formidable **admin entry view** and checks for the stored marker

```bash
bash ./scripts/poc.sh
```

## Stop / Cleanup

```bash
docker compose down -v
```