Lucene search

CVE-2024-37537

🗓️ 21 Jul 2024 07:02:15Reported by PatchstackType

Improper Input Neutralization in UusWeb.Ee WS Contact For

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
Cvelist	CVE-2024-37537 WordPress WS Contact Form plugin <= 1.3.7 - Cross Site Scripting (XSS) vulnerability	21 Jul 202407:04	–	cvelist
Vulnrichment	CVE-2024-37537 WordPress WS Contact Form plugin <= 1.3.7 - Cross Site Scripting (XSS) vulnerability	21 Jul 202407:04	–	vulnrichment
Patchstack	WordPress WS Contact Form Plugin <= 1.3.7 is vulnerable to Cross Site Scripting (XSS)	5 Jul 202400:00	–	patchstack
NVD	CVE-2024-37537	21 Jul 202407:15	–	nvd
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (July 1, 2024 to July 7, 2024)	11 Jul 202415:09	–	wordfence

Nvd

Vulners

Node

uusweb ws_contact_formRange<1.3.8wordpress

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "ws-contact-form",
    "product": "WS Contact Form",
    "vendor": "UusWeb.ee",
    "versions": [
      {
        "lessThanOrEqual": "1.3.7",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/ws-contact-form/wordpress-ws-contact-form-plugin-1-3-7-cross-site-scripting-xss-vulnerability

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Jul 2024 07:15Current

5.8Medium risk

Vulners AI Score5.8

CVSS35.4 - 5.9

EPSS0.00045

SSVC

CWE-79