Westguardsolutions Ws Form — known CVE vulnerabilities
Every CVE whose affected-product data names Westguardsolutions Ws Form, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2023-52135 — CVSS 7.6 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WS Form WS Form LITE – Drag & Drop…
CVE-2024-13509 — CVSS 7.2 (high): The WS Form LITE and PRO plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the url parameter in all versions up to…
CVE-2022-23988 — CVSS 6.1 (medium): The WS Form LITE and Pro WordPress plugins before 1.8.176 do not sanitise and escape submitted form data, allowing unauthenticated attacker…
CVE-2024-10647 — CVSS 6.1 (medium): The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting…
CVE-2022-23987 — CVSS 4.8 (medium): The WS Form LITE and Pro WordPress plugins before 1.8.176 do not sanitise and escape their Form Name, which could allow high privilege…
CVE-2023-5424 — CVSS 4.7 (medium): The WS Form LITE plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.9.217. This allows unauthenticated…