PT-2020-19479 · WordPress · Calculated Fields Form Plugin

Published

2020-01-22

Updated

2020-01-24

CVE-2020-7228

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Calculated Fields Form plugin versions 1.0.353 and earlier

Description The issue concerns multiple Stored XSS vulnerabilities present in the input forms of the Calculated Fields Form plugin for WordPress. These vulnerabilities can be exploited by an authenticated user.

Recommendations For versions 1.0.353 and earlier, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2020-7228

Affected Products

Calculated Fields Form Plugin

PT-2020-19479 · WordPress · Calculated Fields Form Plugin

CVE-2020-7228

Weakness Enumeration

Related Identifiers

Affected Products

References · 6