Lucene search
PRIOn knowledge basePRION:CVE-2021-42358HistoryNov 29, 2021 - 7:15 p.m.
Cross site request forgery (csrf)
2021-11-2919:15:00
PRIOn knowledge base
www.prio-n.com
3
The Contact Form With Captcha WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation in the ~/cfwc-form.php file during contact form submission, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 1.6.2.
| CPE | Name | Operator | Version |
|---|---|---|---|
| contact_form_with_captcha | le | 1.6.2 |
Related
cnvd
cnvd
WordPress Plugin Cross-Site Request Forgery Vulnerability (CNVD-2021-102810)
2021-12-01 00:00:00
nvd
nvd
CVE-2021-42358
2021-11-29 19:15:07
cve
cve
CVE-2021-42358
2021-11-29 19:15:07
wpvulndb
wpvulndb
Contact Form With Captcha <= 1.6.2 - CSRF to Stored Cross-Site Scripting
2021-11-29 00:00:00
cvelist
cvelist
patchstack
patchstack