Lucene search
HistoryDec 29, 2023 - 12:15 p.m.
CVE-2023-50891
cve-2023-50891
zoho forms
wordpress
xss
vulnerability
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.018
Percentile
88.3%
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Zoho Forms Form plugin for WordPress – Zoho Forms allows Stored XSS.This issue affects Form plugin for WordPress – Zoho Forms: from n/a through 3.0.1.
Affected configurations
Node
zohocorpzoho_formsRange≤3.0.1wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zohocorp | zoho_forms | * | cpe:2.3:a:zohocorp:zoho_forms:*:*:*:*:*:wordpress:*:* |
Related
wpvulndb
wpvulndb
prion
prion
Cross site scripting
2023-12-29 12:15:00
cvelist
cvelist
cve
cve
CVE-2023-50891
2023-12-29 12:15:45
wordfence
wordfence
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.018
Percentile
88.3%
Related for NVD:CVE-2023-50891