WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress plugin Contact Form With Captcha 1.6.2 and its previous versions exist cross-site request forgery vulnerability, the vulnerability originates when submitting a contact form ~ cfwc-form.php file is missing nonce validation, the plugin is vulnerable to cross-site request forgery attacks, attackers can use the vulnerability to inject arbitrary web scripts.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress contact form with captcha | le | 1.6.2 |