Vulnerability Description
Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form – Registration Form – Profile Form for User Profiles and Content Forms for User Submissions plugin <= 2.7.5 versions.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Themekraft | Post Form Registration Form Profile Form For User Profiles And Content Forms | <= 2.7.5 |
Related Weaknesses (CWE)
References
- https://patchstack.com/database/vulnerability/buddyforms/wordpress-buddyforms-plThird Party Advisory
- https://patchstack.com/database/vulnerability/buddyforms/wordpress-buddyforms-plThird Party Advisory
FAQ
What is CVE-2022-38971?
CVE-2022-38971 is a vulnerability with a CVSS score of 4.7 (MEDIUM). Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form – Registration Form – Profile Form for User Profiles and Content Forms for User Submissions plugin <= 2.7.5 versions.
How severe is CVE-2022-38971?
CVE-2022-38971 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-38971?
Check the references section above for vendor advisories and patch information. Affected products include: Themekraft Post Form Registration Form Profile Form For User Profiles And Content Forms.