{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T21:58:25.143","vulnerabilities":[{"cve":{"id":"CVE-2024-23522","sourceIdentifier":"audit@patchstack.com","published":"2024-05-17T09:15:22.410","lastModified":"2025-02-03T16:20:24.827","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Strategy11 Form Builder Team Formidable Forms allows Code Injection.This issue affects Formidable Forms: from n/a through 6.7."},{"lang":"es","value":" neutralización incorrecta de etiquetas HTML relacionadas con scripts en una vulnerabilidad de página web (XSS básico) en Strategy11 Form Builder Team Formidable Forms permite la inyección de código. Este problema afecta a Formidable Forms: desde n/a hasta 6.7."}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-80"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:strategy11:formidable_forms:*:*:*:*:free:wordpress:*:*","versionEndExcluding":"6.7.1","matchCriteriaId":"A0F0D9CF-C932-47C5-93D2-C8DACA4D9ABA"}]}]}],"references":[{"url":"https://patchstack.com/database/vulnerability/formidable/wordpress-formidable-forms-plugin-6-7-content-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com","tags":["Third Party Advisory"]},{"url":"https://patchstack.com/database/vulnerability/formidable/wordpress-formidable-forms-plugin-6-7-content-injection-vulnerability?_s_id=cve","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}