Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vikas Ratudi VForm allows Stored XSS. This issue affects VForm: from n/a through 3.1.14.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Vikasratudi |
|
Configuration 1 [-]
|
No data.
References
History
Wed, 30 Apr 2025 15:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Vikasratudi
Vikasratudi lifetime Free Drag \& Drop Contact Form Builder |
|
| CPEs | cpe:2.3:a:vikasratudi:lifetime_free_drag_\&_drop_contact_form_builder:*:*:*:*:*:wordpress:*:* | |
| Vendors & Products |
Vikasratudi
Vikasratudi lifetime Free Drag \& Drop Contact Form Builder |
Tue, 22 Apr 2025 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 22 Apr 2025 10:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vikas Ratudi VForm allows Stored XSS. This issue affects VForm: from n/a through 3.1.14. | |
| Title | WordPress VForm <= 3.1.14 - Cross Site Scripting (XSS) Vulnerability | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published: 2025-04-22T09:53:33.170Z
Updated: 2025-04-22T13:42:18.574Z
Reserved: 2025-04-22T09:21:43.075Z
Link: CVE-2025-46250
Vulnrichment
Updated: 2025-04-22T13:42:13.180Z
NVD
Status : Analyzed
Published: 2025-04-22T10:15:19.590
Modified: 2025-04-30T15:22:06.850
Link: CVE-2025-46250
Redhat
No data.