CVE-2022-23988

MEDIUM LAB

WS Form LITE and Pro < 1.8.176 - Unauthenticated Stored Cross-Site Scripting via Form Submission

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-23988. PoCs published by simonepetruzzi.

AI-analyzed exploit summary This repository contains a proof-of-concept for CVE-2022-23988, an XSS vulnerability in WS Form plugin versions prior to 1.8.176. The PoC demonstrates how an unauthenticated user can inject malicious JavaScript via a form field, which executes when viewed in the admin panel.

Description

The WS Form LITE and Pro WordPress plugins before 1.8.176 do not sanitise and escape submitted form data, allowing unauthenticated attacker to submit XSS payloads which will get executed when a privileged user will view the related submission

Exploits (1)

nomisec WORKING POC
by simonepetruzzi · poc
https://github.com/simonepetruzzi/WebSecurityProject

This repository contains a proof-of-concept for CVE-2022-23988, an XSS vulnerability in WS Form plugin versions prior to 1.8.176. The PoC demonstrates how an unauthenticated user can inject malicious JavaScript via a form field, which executes when viewed in the admin panel.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: WS Form < 1.8.176
No auth needed
Prerequisites: Access to a vulnerable WS Form installation
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://wpscan.com/vulnerability/9d5738f9-9a2e-4878-8a03-745894420bf6

Scores

CVSS v3 6.1
EPSS 0.0220
EPSS Percentile 80.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Lab Environment

COMMUNITY
Community Lab
docker pull wordpress:latest

Details

CWE
CWE-79
Status published
Products (1)
westguardsolutions/ws_form < 1.8.176 (2 CPE variants)
Published Feb 28, 2022
Tracked Since Feb 18, 2026