216.73.216.215

CVE-2026-22422

· Published 19/02/2026 09:16 · Modified 20/02/2026 18:25

Labels: CVE-2026-22422 2026-02-19CVE-2026-22422CWE-80[email protected]

Essential information

Published
19/02/2026 09:16
Modified
20/02/2026 18:25
Author
Creator
CVSS
5.3 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CVSS metrics

Description

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in wpeverest Everest Forms everest-forms allows Code Injection.This issue affects Everest Forms: from n/a through <= 3.4.1.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
wpeverest / everest forms cpe:2.3:a:wpeverest:everest_forms:<3.4.1:*:*:*:*:*:*:*

References