PT-2025-37914 · WordPress · Form To Database
Sascha Egerer
·
Published
2025-09-16
·
Updated
2025-09-16
·
CVE-2025-10316
CVSS v4.0
2.3
Low
| Vector | AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Form to Database versions prior to 2.2.5
Form to Database versions 3.0.0 through 3.2.2
Form to Database versions 4.0.0 through 4.2.3
Form to Database versions 5.0.0 through 5.0.2
Description
The extension "Form to Database" is susceptible to Cross-Site Scripting.
Recommendations
Update to a version prior to 2.2.5.
Update to a version prior to 3.0.0 or after 3.2.2.
Update to a version prior to 4.0.0 or after 4.2.3.
Update to a version prior to 5.0.0 or after 5.0.2.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Form To Database