Lucene search
HistoryJan 14, 2023 - 11:15 a.m.
CVE-2022-38467
cve
2022
38467
xss
vulnerability
crm
perks
forms
wordpress
form builder
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
44.1%
Reflected Cross-Site Scripting (XSS) vulnerability in CRM Perks Forms – WordPress Form Builder <= 1.1.0 ver.
Affected configurations
Node
crm_perkscrm_perks_forms_–_wordpress_form_builderRange≤1.1.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| crmperks:crm_perks_forms | crmperks crm perks forms | le | 1.1.0 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "CRM Perks Forms – WordPress Form Builder",
"vendor": "CRM Perks",
"versions": [
{
"changes": [
{
"at": "1.1.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.1.0",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
nuclei
nuclei
CRM Perks Forms < 1.1.1 - Cross Site Scripting
2023-04-21 08:56:01
nvd
nvd
CVE-2022-38467
2023-01-14 11:15:09
prion
prion
Cross site scripting
2023-01-14 11:15:00
patchstack
patchstack
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
44.1%
Related for CVE-2022-38467