28 matches found
EUVD-2017-11069
Malware in sbrugna...
EUVD-2017-11068
Malware in sbrugna...
EUVD-2024-27250
Malicious code in bioql PyPI...
CVE-2017-20053
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the...
WordPress Contact Form Manager plugin <= 1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by ruphail in WordPress Plugin Contact Form Manager versions = 1.6...
WordPress Contact Form Manager Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS)
Software Contact Form Manager Type Plugin Vulnerable versions = 1.6 Fixed in 1.6.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2295 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 163bd6f2f229 Credits ruphail Required...
CVE-2024-2295
The Contact Form Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's xyz-cfm-form shortcode in all versions up to, and including, 1.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress plugin Contact Form Manager Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
WordPress plugin Contact Form Manager Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2017-20054
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and...
CVE-2017-20053
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the...
Cross site request forgery (csrf)
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the...
Cross site scripting
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and...
CVE-2017-20054
CVE-2017-20054 concerns a basic cross-site scripting vulnerability in the XYZScripts Contact Form Manager Plugin (WordPress ecosystem). The issue affects an unspecified portion of functionality, can be triggered remotely, and the exploit has been disclosed publicly. The connected records confirm ...
CVE-2017-20054 XYZScripts Contact Form Manager Plugin cross site scriting
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and...
CVE-2017-20054 XYZScripts Contact Form Manager Plugin cross site scriting
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and...
CVE-2017-20053 XYZScripts Contact Form Manager Plugin cross-site request forgery
A vulnerability was found in XYZScripts Contact Form Manager Plugin. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the...
CVE-2017-20053
The CVE-2017-20053 affects the XYZScripts Contact Form Manager Plugin for WordPress. It is a cross-site request forgery in an unknown functionality that can be exploited remotely to change settings; no privileges are required but user interaction is needed. No patch/version remediation details ar...
WordPress plugin Contact Form Manager 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
WordPress plugin Contact Form Manager 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...