Unrated severityNVD Advisory· Published Jul 17, 2022· Updated Aug 3, 2024

Best Contact Management Software <= 3.7.3 - Admin+ Stored Cross-Site Scripting

CVE-2022-2151

Description

The Best Contact Management Software WordPress plugin through 3.7.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

WordPress/Best Contact Management Softwaredescription
Rae Media/Contact Management Softwarellm-fuzzy
Range: <=3.7.3

Patches

Vulnerability mechanics

References

wpscan.com/vulnerability/7c08e4c1-57c5-471c-a990-dcb9fd7ce0f4mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000