Lucene search
HistoryJun 12, 2024 - 6:15 a.m.
CVE-2024-0427
arforms
wordpress
input validation
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
EPSS
0
Percentile
9.0%
The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.4.1 does not properly escape user-controlled input when it is reflected in some of its AJAX actions.
Related
cvelist
cvelist
CVE-2024-0427 Arforms < 6.4.1 - Reflected XSS
2024-06-12 06:00:02
cve
cve
CVE-2024-0427
2024-06-12 06:15:08
wpexploit
wpexploit
Arforms < 6.4.1 - Reflected XSS
2024-05-22 00:00:00
vulnrichment
vulnrichment
CVE-2024-0427 Arforms < 6.4.1 - Reflected XSS
2024-06-12 06:00:02
wpvulndb
wpvulndb
Arforms < 6.4.1 - Reflected XSS
2024-05-22 00:00:00
CVSS3
6.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2024-0427