Lucene search
China National Vulnerability DatabaseCNVD-2023-06870HistoryFeb 16, 2022 - 12:00 a.m.
WordPress Form Store to DB plugin cross-site scripting vulnerability
2022-02-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
wordpress
form store
db plugin
cross-site scripting
vulnerability
php
mysql
unauthenticated attack
EPSS
0.001
Percentile
31.6%
WordPress is a set of blogging platforms developed using the PHP language by the WordPress (Wordpress) Foundation. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. cross-site scripting vulnerability exists in versions of the WordPress Form Store to DB plugin prior to 1.1.1, which stems from the plugin’s failure to filter and escape parameter keys before outputting them to created entries, and can be exploited by unauthenticated attackers to perform Cross-site scripting attacks.
Related
patchstack
patchstack
nvd
nvd
CVE-2021-25107
2022-02-14 12:15:15
cvelist
cvelist
cve
cve
CVE-2021-25107
2022-02-14 12:15:15
prion
prion
Cross site scripting
2022-02-14 12:15:00
wpvulndb
wpvulndb
Form Store to DB < 1.1.1 - Unauthenticated Stored Cross-Site Scripting
2022-01-17 00:00:00
wpexploit
wpexploit
Form Store to DB < 1.1.1 - Unauthenticated Stored Cross-Site Scripting
2022-01-17 00:00:00