CVE-2023-52135

HIGH

WS Form LITE < 1.9.170 - SQL Injection

Title source: llm
STIX 2.1

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WS Form WS Form LITE – Drag & Drop Contact Form Builder for WordPress.This issue affects WS Form LITE – Drag & Drop Contact Form Builder for WordPress: from n/a through 1.9.170.

Scores

CVSS v3 7.6
EPSS 0.0048
EPSS Percentile 37.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L

Details

CWE
CWE-89
Status published
Products (3)
Mark Westguard/WS Form LITE < 1.9.170
westguardsolutions/ws_form < 1.9.171
WS Form/WS Form LITE – Drag & Drop Contact Form Builder for WordPress < 1.9.170
Published Dec 29, 2023
Tracked Since Feb 18, 2026