{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-28T08:48:13.771","vulnerabilities":[{"cve":{"id":"CVE-2023-48752","sourceIdentifier":"audit@patchstack.com","published":"2023-11-30T17:15:13.023","lastModified":"2026-06-17T06:34:53.643","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Happyforms Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms allows Reflected XSS.This issue affects Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms: from n/a through 1.25.9."},{"lang":"es","value":"Vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('Scripting entre sitios') en Happyforms Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms permite XSS reflejado. Este problema afecta a Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms: desde n/a hasta 1.25.9."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Happyforms","product":"Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"happyforms","versions":[{"version":"n/a","lessThanOrEqual":"1.25.9","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-12T20:04:53.947368Z","id":"CVE-2023-48752","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:happyforms:happyforms:*:*:*:*:*:wordpress:*:*","versionEndIncluding":"1.25.9","matchCriteriaId":"DC9BF4DD-AE29-4BEA-9415-919DF5CA60E9"}]}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/happyforms/wordpress-happyforms-plugin-1-25-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"audit@patchstack.com","tags":["Third Party Advisory"]},{"url":"https://patchstack.com/database/vulnerability/happyforms/wordpress-happyforms-plugin-1-25-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}