CVE-2022-2116

Summary

The Contact Form DB WordPress plugin before 1.8.0 does not sanitise and escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting

Affected Software

VendorProductVersion RangeStatus
UnknownContact Form DB – Elementor1.8.0 < 1.8.0affected

Weaknesses

  • CWE-79: CWE-79 Cross-Site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References