3.5
CVSSv2

CVE-2017-18600

Published: 10/09/2019 Updated: 10/09/2019
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Summary

The formcraft3 plugin prior to 3.4 for WordPress has stored XSS via the "New Form > Heading > Heading Text" field.

Vulnerability Trend

Affected Products

Vendor Product Versions
NcraftsFormcraft3.2.31