Vulnerabilities > CVE-2022-40191 - Unspecified vulnerability in Contact Form BY Mega Forms Project Contact Form BY Mega Forms
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
Authenticated (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Ali Khallad's Contact Form By Mega Forms plugin <= 1.2.4 at WordPress.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- https://patchstack.com/database/vulnerability/mega-forms/wordpress-contact-form-by-mega-forms-plugin-1-2-4-authenticated-stored-cross-site-scripting-xss-vulnerability/_s_id=cve
- https://patchstack.com/database/vulnerability/mega-forms/wordpress-contact-form-by-mega-forms-plugin-1-2-4-authenticated-stored-cross-site-scripting-xss-vulnerability/_s_id=cve
- https://wordpress.org/plugins/mega-forms/#developers
- https://wordpress.org/plugins/mega-forms/#developers