Lucene search
WPScanCVELIST:CVE-2021-25063HistoryFeb 01, 2022 - 12:21 p.m.
CVE-2021-25063 Contact Form 7 Skins < 2.5.1 - Reflected Cross-Site Scripting (XSS)
2022-02-0112:21:35
CWE-79
WPScan
www.cve.org
0.001 Low
EPSS
Percentile
43.6%
The Skins for Contact Form 7 WordPress plugin before 2.5.1 does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting
CNA Affected
[
{
"product": "Skins for Contact Form 7",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.5.1",
"status": "affected",
"version": "2.5.1",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2022-02-01 13:15:00
nuclei
nuclei
WordPress Contact Form 7 Skins <=2.5.0 - Cross-Site Scripting
2022-02-19 11:24:34
nvd
nvd
CVE-2021-25063
2022-02-01 13:15:09
wpvulndb
wpvulndb
Contact Form 7 Skins < 2.5.1 - Reflected Cross-Site Scripting (XSS)
2022-01-03 00:00:00
cnvd
cnvd
WordPress Contact Form 7 Skins plugin cross-site scripting vulnerability
2022-02-10 00:00:00
patchstack
patchstack
cve
cve
CVE-2021-25063
2022-02-01 13:15:09
wpexploit
wpexploit
Contact Form 7 Skins < 2.5.1 - Reflected Cross-Site Scripting (XSS)
2022-01-03 00:00:00