Lucene search
China National Vulnerability DatabaseCNVD-2022-66604HistoryMar 02, 2022 - 12:00 a.m.
WordPress WS Form plugin cross-site scripting vulnerability
2022-03-0200:00:00
China National Vulnerability Database
www.cnvd.org.cn
20
0.001 Low
EPSS
Percentile
25.0%
WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. cross-site scripting vulnerability exists in versions of WordPress WS Form plugin prior to 1.8.176, which stems from the WS Form plugin’s failure to clean up and escape its form names, and can be exploited by attackers to perform cross-site scripting attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress ws form plugin | lt | 1.8.176 |
Related
cve
cve
CVE-2022-23987
2022-02-28 09:15:09
nvd
nvd
CVE-2022-23987
2022-02-28 09:15:09
patchstack
patchstack
prion
prion
Cross site scripting
2022-02-28 09:15:00
cvelist
cvelist
CVE-2022-23987 WS Form < 1.8.176 - Admin+ Stored Cross-Site Scripting
2022-02-28 09:07:01