Lucene search
PatchstackCVE-2022-38467HistoryJan 14, 2023 - 11:15 a.m.
CVE-2022-38467
2023-01-1411:15:09
CWE-79
Patchstack
web.nvd.nist.gov
31
cve
2022
38467
xss
vulnerability
crm
perks
forms
wordpress
form builder
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
35.3%
Reflected Cross-Site Scripting (XSS) vulnerability in CRM Perks Forms – WordPress Form Builder <= 1.1.0 ver.
Affected configurations
Node
crmperkscrm_perks_formsRange≤1.1.0wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| crmperks | crm_perks_forms | * | cpe:2.3:a:crmperks:crm_perks_forms:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "CRM Perks Forms – WordPress Form Builder",
"vendor": "CRM Perks",
"versions": [
{
"changes": [
{
"at": "1.1.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.1.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
prion
prion
Cross site scripting
2023-01-14 11:15:00
patchstack
patchstack
nvd
nvd
CVE-2022-38467
2023-01-14 11:15:09
nuclei
nuclei
CRM Perks Forms < 1.1.1 - Cross Site Scripting
2023-04-21 08:56:01
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
35.3%
Related for CVE-2022-38467