Vulnerability Details CVE-2022-1569
The Drag & Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications & more! WordPress plugin before 1.4.9.4 does not sanitise and escape some of its form fields, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disallowed
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.7%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 3.5
References
Products affected by CVE-2022-1569
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.1.0
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.1.1
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.2
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.3
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.1
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.2
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.3
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.4
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.5
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.6
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.7.0
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.7.1
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.7.10
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.7.11
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.7.2
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.7.3
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.7.4
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.7.5
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.7.6
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.7.7
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.7.8
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.7.9
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.8
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.8.1
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.8.2
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.9
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.9.1
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.9.2
-
cpe:2.3:a:pieforms:drag_&_drop_builder:1.4.9.3