The Calculated Fields Form plugin through 1.0.353 for WordPress suffers from multiple Stored XSS vulnerabilities present in the input forms. These can be exploited by an authenticated user.
References
Link | Resource |
---|---|
https://spider-security.co.uk/blog-cve-2020-7228 | Third Party Advisory |
https://wordpress.org/plugins/calculated-fields-form/#developers | Third Party Advisory |
https://wpvulndb.com/vulnerabilities/10043 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-01-22T14:10:31
Updated: 2020-01-22T18:06:09
Reserved: 2020-01-19T00:00:00
Link: CVE-2020-7228
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-01-22T15:15:11.677
Modified: 2020-01-24T22:02:00.107
Link: CVE-2020-7228
JSON object: View
Redhat Information
No data.
CWE