Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) discovered by Yuga Futatsuki (Cryptography Laboratory in Tokyo Denki University) in WordPress Contact Form With Captcha plugin (versions <= 1.6.7).
Update the WordPress Contact Form With Captcha plugin to the latest available version (at least 1.6.8).
CPE | Name | Operator | Version |
---|---|---|---|
contact form with captcha | le | 1.6.7 |