Lucene search
China National Vulnerability DatabaseCNVD-2022-21732HistoryJan 14, 2022 - 12:00 a.m.
WordPress Contact Form Entries Plugin Security Vulnerability
2022-01-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
wordpress
contact form entries
xss
php
mysql
vulnerability
cross-site scripting
data validation
unauthenticated attacker
javascript code
EPSS
0.001
Percentile
43.5%
WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Contact Form Entries Plugin has a cross-site scripting vulnerability in versions prior to 1.2.4, which stems from the plugin’s lack of data validation filtering of user-supplied data and output. An unauthenticated attacker could exploit the vulnerability to execute JavaScript code on the client side.
Related
prion
prion
Code injection
2022-01-24 08:15:00
wpvulndb
wpvulndb
Contact Form Entries < 1.2.4 - Reflected Cross-Site Scripting
2021-11-14 00:00:00
wpexploit
wpexploit
Contact Form Entries < 1.2.4 - Reflected Cross-Site Scripting
2021-11-14 00:00:00
nvd
nvd
CVE-2021-25079
2022-01-24 08:15:09
zdt
zdt
WordPress Contact Form Entries Cross Site Scripting Vulnerability
2022-01-10 00:00:00
cve
cve
CVE-2021-25079
2022-01-24 08:15:09
nuclei
nuclei
Contact Form Entries < 1.2.4 - Cross-Site Scripting
2023-10-17 07:20:28
cvelist
cvelist
CVE-2021-25079 Contact Form Entries < 1.2.4 - Reflected Cross-Site Scripting
2022-01-24 08:01:27
packetstorm
packetstorm
WordPress Contact Form Entries Cross Site Scripting
2022-01-10 00:00:00