Vulnerabilities ›

CVE-2022-50960

Medium

CWE-79 — Weakness Type

                    Published: May 10, 2026                      ·  Modified: May 13, 2026                      ·  Source: NVD                

CVSS v3

6.1

🔗 NVD Official

📄 Description (English)

WordPress International Sms For Contact Form 7 Integration version 1.2 contains a reflected cross-site scripting vulnerability in the page parameter of the admin settings interface. Attackers can inject malicious scripts through the page parameter in class-sms-log-display.php to execute arbitrary JavaScript in administrator browsers.

🤖 AI Executive Summary

CVE-2022-50960 is a reflected XSS vulnerability in WordPress International SMS for Contact Form 7 Integration v1.2 affecting the admin settings interface. Attackers can inject malicious scripts via the page parameter to execute arbitrary JavaScript in administrator browsers, potentially leading to account compromise and unauthorized administrative actions. No patch is currently available, requiring immediate compensating controls.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 23, 2026 03:40

🇸🇦 Saudi Arabia Impact Assessment

Saudi organizations using WordPress with Contact Form 7 for customer communications (banking customer service portals, government citizen services, healthcare appointment systems, telecom customer support) face significant risk. Government agencies and financial institutions are particularly vulnerable as compromised admin accounts could lead to data theft, malware distribution, or service disruption. The vulnerability affects administrative interfaces where sensitive configurations and customer data are managed.

🏢 Affected Saudi Sectors

Banking and Financial Services Government and Public Administration Healthcare Telecommunications E-commerce Education

🎯 MITRE ATT&CK Techniques

T1598 - Phishing T1566 - Phishing T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1547 - Boot or Logon Autostart Execution T1078 - Valid Accounts

⚖️ Saudi Risk Score (AI)

6.8

/ 10.0

🔧 Remediation Steps (English)

IMMEDIATE ACTIONS:

1. Disable or remove WordPress International SMS for Contact Form 7 Integration v1.2 immediately if not actively required

2. Audit admin access logs for suspicious activity in the past 30 days

3. Force password reset for all WordPress administrator accounts

4. Review admin session logs for unauthorized access patterns



COMPENSATING CONTROLS:

1. Implement Web Application Firewall (WAF) rules to block requests containing script tags in the 'page' parameter

2. Restrict admin interface access to specific IP ranges/VPN only

3. Enable WordPress security plugins with XSS protection (Wordfence, Sucuri)

4. Implement Content Security Policy (CSP) headers to prevent inline script execution

5. Deploy admin login notifications and 2FA for all administrator accounts

6. Monitor for plugin updates and upgrade to patched version immediately when available



DETECTION:

1. Monitor access logs for page parameter containing: <script, javascript:, onerror=, onload=

2. Alert on admin interface access from unusual geographic locations

3. Track changes to WordPress user roles and capabilities

4. Monitor for new admin account creation

🔧 خطوات المعالجة (العربية)

الإجراءات الفورية:

1. قم بتعطيل أو إزالة International SMS for Contact Form 7 Integration v1.2 فوراً إذا لم تكن مطلوبة بنشاط

2. تدقيق سجلات الوصول للمسؤول عن آخر 30 يوماً

3. فرض إعادة تعيين كلمة المرور لجميع حسابات مسؤول WordPress

4. مراجعة سجلات جلسات المسؤول للأنشطة المريبة

الضوابط التعويضية:

1. تطبيق قواعد جدار حماية تطبيقات الويب لحجب الطلبات التي تحتوي على علامات البرامج النصية في معامل 'page'

2. تقييد الوصول لواجهة المسؤول على نطاقات IP محددة أو VPN فقط

3. تفعيل مكونات إضافية أمان WordPress مع حماية XSS

4. تطبيق رؤوس Content Security Policy لمنع تنفيذ البرامج النصية المضمنة

5. نشر إشعارات تسجيل دخول المسؤول و2FA لجميع حسابات المسؤول

6. مراقبة تحديثات المكونات الإضافية والترقية للإصدار المصحح فوراً

الكشف:

1. مراقبة سجلات الوصول لمعامل page يحتوي على: <script, javascript:, onerror=, onload=

2. تنبيهات الوصول لواجهة المسؤول من مواقع جغرافية غير عادية

3. تتبع التغييرات في أدوار وقدرات مستخدمي WordPress

4. مراقبة إنشاء حسابات مسؤول جديدة

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

5.1.1 - Access Control and Authentication 5.2.1 - User Access Management 6.1.1 - Security Event Logging 6.2.1 - Protection Against Malware

🔵 SAMA CSF

ID.AM-1 - Asset Management PR.AC-1 - Access Control PR.PT-1 - Security Awareness and Training DE.CM-1 - Detection and Analysis

🟡 ISO 27001:2022

A.5.15 - Access Control A.6.2 - User Access Management A.8.3 - Cryptography A.12.4 - Logging

🟣 PCI DSS v4.0.1

Requirement 6.5.1 - Injection Flaws Requirement 6.5.7 - Cross-Site Scripting (XSS) Requirement 8.2 - User Identification and Authentication

🔗 References & Sources 3

🔗

https://wordpress.org/plugins/cf7-international-sms-integration/

disclosure@vulncheck.com

🔗

https://www.exploit-db.com/exploits/50719

disclosure@vulncheck.com

🔗

https://www.vulncheck.com/advisories/wordpress-international-sms-contact-form-7-integra...

disclosure@vulncheck.com

📊 CVSS Score

6.1

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionR — Required

ScopeC — Changed

ConfidentialityL — Low / Local

IntegrityL — Low / Local

AvailabilityN — None / Network

📋 Quick Facts

Severity Medium

CVSS Score6.1

CWECWE-79

EPSS0.03%

Exploit No

Patch ✗ No

Published 2026-05-10

Source Feed nvd

🇸🇦 Saudi Risk Score

6.8

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-79

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2022-50960

Introduce Yourself

Sign In Required