CVE-2022-23988

The WS Form LITE and Pro WordPress plugins before 1.8.176 do not sanitise and escape submitted form data, allowing unauthenticated attacker to submit XSS payloads which will get executed when a privileged user will view the related submission

CVSS v3 6.1 MEDIUM
CVSS v2.0 4.3 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://wpscan.com/vulnerability/9d5738f9-9a2e-4878-8a03-745894420bf6	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:westguardsolutions:ws_form:::::lite:wordpress::
	cpe:2.3:a:westguardsolutions:ws_form:::::pro:wordpress::

History

No history.

Information

Published : 2022-02-28 09:15

Updated : 2022-03-08 17:25

NVD link : CVE-2022-23988

Mitre link : CVE-2022-23988

CVE.ORG link : CVE-2022-23988

JSON object : View

Products Affected

westguardsolutions

ws_form

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2022-23988", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2022-02-28T09:15:09.497", "references": [{"url": "https://wpscan.com/vulnerability/9d5738f9-9a2e-4878-8a03-745894420bf6", "tags": ["Exploit", "Third Party Advisory"], "source": "contact@wpscan.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}, {"type": "Secondary", "source": "contact@wpscan.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "The WS Form LITE and Pro WordPress plugins before 1.8.176 do not sanitise and escape submitted form data, allowing unauthenticated attacker to submit XSS payloads which will get executed when a privileged user will view the related submission"}, {"lang": "es", "value": "Los plugins WS Form LITE y Pro WordPress versiones anteriores a 1.8.176, no sanean ni escapan de los datos del formulario enviado, permitiendo a un atacante no autenticado enviar cargas \u00fatiles de tipo XSS que ser\u00e1n ejecutadas cuando un usuario con privilegios visualice el env\u00edo correspondiente."}], "lastModified": "2022-03-08T17:25:20.053", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:westguardsolutions:ws_form:*:*:*:*:lite:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "D60DAD5B-15C3-46F1-9322-63B4BBBCEBE6", "versionEndExcluding": "1.8.176"}, {"criteria": "cpe:2.3:a:westguardsolutions:ws_form:*:*:*:*:pro:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "120F355B-8EA8-4ED1-909D-25595B0CBFA5", "versionEndExcluding": "1.8.176"}], "operator": "OR"}]}], "sourceIdentifier": "contact@wpscan.com"}