Vulnerability Details CVE-2017-18613
The trust-form plugin 2.0 for WordPress has XSS via the wp-admin/admin.php?page=trust-form-edit page parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.7%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_trust_form_wordpress_plugin.html
- https://wordpress.org/plugins/trust-form/#developers
- https://sumofpwn.nl/advisory/2016/cross_site_scripting_vulnerability_in_trust_form_wordpress_plugin.html
- https://wordpress.org/plugins/trust-form/#developers
Products affected by CVE-2017-18613
-
cpe:2.3:a:trust_form_project:trust_form:2.0