Lucene search
China National Vulnerability DatabaseCNVD-2023-06870HistoryFeb 16, 2022 - 12:00 a.m.
WordPress Form Store to DB plugin cross-site scripting vulnerability
2022-02-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
0.001 Low
EPSS
Percentile
31.8%
WordPress is a set of blogging platforms developed using the PHP language by the WordPress (Wordpress) Foundation. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. cross-site scripting vulnerability exists in versions of the WordPress Form Store to DB plugin prior to 1.1.1, which stems from the plugin’s failure to filter and escape parameter keys before outputting them to created entries, and can be exploited by unauthenticated attackers to perform Cross-site scripting attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress form store to db plugin | lt | 1.1.1 |
Related
cve
cve
CVE-2021-25107
2022-02-14 12:15:15
cvelist
cvelist
prion
prion
Cross site scripting
2022-02-14 12:15:00
wpexploit
wpexploit
Form Store to DB < 1.1.1 - Unauthenticated Stored Cross-Site Scripting
2022-01-17 00:00:00
wpvulndb
wpvulndb
Form Store to DB < 1.1.1 - Unauthenticated Stored Cross-Site Scripting
2022-01-17 00:00:00
patchstack
patchstack
nvd
nvd
CVE-2021-25107
2022-02-14 12:15:15