Lucene search
China National Vulnerability DatabaseCNVD-2022-64661HistoryJun 13, 2022 - 12:00 a.m.
WordPress FormCraft plugin cross-site scripting vulnerability
2022-06-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
0.001 Low
EPSS
Percentile
25.0%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. FormCraft is one of the form creation plugins used in it. WordPress plugin is an application plugin. WordPress FormCraft plugin versions prior to 1.2.6 are vulnerable to a cross-site scripting vulnerability that results from the plugin’s failure to clean and escape field tags. High-privilege attackers such as administrators can exploit this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress formcraft plugin | lt | 1.2.6 |
Related
patchstack
patchstack
cvelist
cvelist
CVE-2022-1647 FormCraft Basic < 1.2.6 - Admin+ Stored Cross Site Scripting
2022-06-06 08:51:13
prion
prion
Cross site scripting
2022-06-08 10:15:00
wpexploit
wpexploit
FormCraft Basic < 1.2.6 - Admin+ Stored Cross Site Scripting
2022-05-16 00:00:00
wpvulndb
wpvulndb
FormCraft Basic < 1.2.6 - Admin+ Stored Cross Site Scripting
2022-05-16 00:00:00
cve
cve
CVE-2022-1647
2022-06-08 10:15:10
nvd
nvd
CVE-2022-1647
2022-06-08 10:15:10