Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-23988 | 1 Westguardsolutions | 1 Ws Form | 2022-03-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| The WS Form LITE and Pro WordPress plugins before 1.8.176 do not sanitise and escape submitted form data, allowing unauthenticated attacker to submit XSS payloads which will get executed when a privileged user will view the related submission | |||||
| CVE-2022-23987 | 1 Westguardsolutions | 1 Ws Form | 2022-03-08 | 3.5 LOW | 4.8 MEDIUM |
| The WS Form LITE and Pro WordPress plugins before 1.8.176 do not sanitise and escape their Form Name, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. | |||||