CVE-2022-38467

Name of the Vulnerable Software and Affected Versions CRM Perks Forms – WordPress Form Builder versions prior to 1.1.0

Description The issue is related to the lack of protection of the web page structure, allowing a remote attacker to conduct a cross-site scripting (XSS) attack. This can be exploited to inject malicious scripts into the website.

Recommendations For versions prior to 1.1.0, update to version 1.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the CRM Perks Forms plugin to minimize the risk of exploitation.