Vulnerability Details CVE-2022-38971
Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form – Registration Form – Profile Form for User Profiles and Content Forms for User Submissions plugin <= 2.7.5 versions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.4%
CVSS Severity
CVSS v3 Score 4.7
References
- https://patchstack.com/database/vulnerability/buddyforms/wordpress-buddyforms-plugin-2-7-2-auth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
- https://patchstack.com/database/vulnerability/buddyforms/wordpress-buddyforms-plugin-2-7-2-auth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve
Products affected by CVE-2022-38971
-
Themekraft » Post Form Registration Form Profile Form For User Profiles And Content Forms » Version: Anycpe:2.3:a:themekraft:post_form_registration_form_profile_form_for_user_profiles_and_content_forms:*