Lucene search

PatchstackCVE-2022-45838

HistoryApr 18, 2023 - 1:15 p.m.

CVE-2022-45838

2023-04-1813:15:09

CWE-79

Patchstack

web.nvd.nist.gov

cve-2022-45838

unauthenticated

stored cross-site scripting

xss

repute infosystems

arforms

form builder

plugin

security vulnerability

nvd

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

22.7%

JSON

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARForms Form Builder plugin <= 1.5.5 versions.

Affected configurations

Nvd

Vulners

Node

reputeinfosystemsarforms_form_builderRange≤1.5.5wordpress

VendorProductVersionCPE
reputeinfosystemsarforms_form_builder*cpe:2.3:a:reputeinfosystems:arforms_form_builder:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
reputeinfosystems	arforms_form_builder	*	cpe:2.3:a:reputeinfosystems:arforms_form_builder::::::wordpress::*

CNA Affected

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "arforms-form-builder",
    "product": "ARForms Form Builder",
    "vendor": "Repute InfoSystems",
    "versions": [
      {
        "lessThanOrEqual": "1.5.5",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/arforms-form-builder/wordpress-arforms-form-builder-plugin-1-5-3-unauth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve

Social References

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

22.7%

JSON

Related for CVE-2022-45838