Lucene search
China National Vulnerability DatabaseCNVD-2022-19813HistoryFeb 10, 2022 - 12:00 a.m.
WordPress Contact Form 7 Skins plugin cross-site scripting vulnerability
2022-02-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
0.001 Low
EPSS
Percentile
43.6%
WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. WordPress Contact Form 7 Skins plugin in version 2.5.0 and earlier has a cross-site scripting vulnerability that stems from the tab parameter not being escaped before being output to the admin page, which can be exploited by attackers to client-side execution of JavaScript code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| WordPress Contact Form 7 Skins plugin | le | 2.5.0 |
Related
prion
prion
Cross site scripting
2022-02-01 13:15:00
nuclei
nuclei
WordPress Contact Form 7 Skins <=2.5.0 - Cross-Site Scripting
2022-02-19 11:24:34
nvd
nvd
CVE-2021-25063
2022-02-01 13:15:09
wpvulndb
wpvulndb
Contact Form 7 Skins < 2.5.1 - Reflected Cross-Site Scripting (XSS)
2022-01-03 00:00:00
cvelist
cvelist
patchstack
patchstack
cve
cve
CVE-2021-25063
2022-02-01 13:15:09
wpexploit
wpexploit
Contact Form 7 Skins < 2.5.1 - Reflected Cross-Site Scripting (XSS)
2022-01-03 00:00:00