Lucene search
PatchstackCVE-2023-45070HistoryOct 18, 2023 - 1:15 p.m.
CVE-2023-45070
2023-10-1813:15:09
CWE-79
Patchstack
web.nvd.nist.gov
47
cve-2023-45070
unauthenticated
reflected
cross-site scripting
xss
10web form builder
team form maker
10web
mobile-friendly
drag & drop
contact form builder
nvd
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
AI Score
6
Confidence
High
EPSS
0.001
Percentile
20.2%
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 10Web Form Builder Team Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin <= 1.15.18 versions.
Affected configurations
Node
10webform_makerRange<1.15.19wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| 10web | form_maker | * | cpe:2.3:a:10web:form_maker:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "https://wordpress.org/plugins/form-maker/",
"product": "Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder",
"vendor": "10Web Form Builder Team",
"versions": [
{
"changes": [
{
"at": "1.15.19",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.15.18",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
wpvulndb
wpvulndb
Form Maker by 10Web < 1.15.19 - Reflected XSS
2023-10-20 00:00:00
prion
prion
Cross site scripting
2023-10-18 13:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-45070
2023-10-18 13:15:09
wordfence
wordfence
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
AI Score
6
Confidence
High
EPSS
0.001
Percentile
20.2%
Related for CVE-2023-45070