5 matches found
CVE-2021-47926
Contact Form to Email 1.3.24 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by creating forms with script tags in the form name field. Attackers can craft form names containing JavaScript code that executes when other logged-in...
CVE-2021-47926 WordPress Contact Form to Email 1.3.24 Stored XSS
Contact Form to Email 1.3.24 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by creating forms with script tags in the form name field. Attackers can craft form names containing JavaScript code that executes when other logged-in...
WordPress Plugin Contact Form to Email 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress Contact Form to Email Plugin <= 1.3.52 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Roby Firnando Yusuf in WordPress Plugin Contact Form Email versions = 1.3.52...
CVE-2018-20963
CVE-2018-20963 affects the WordPress plugin contact-form-to-email , versions prior to 1.2.66. The vulnerability is a cross-site scripting (XSS) flaw caused by insufficient validation of client-side data in the plugin, enabling an attacker to execute arbitrary script in a victim’s browser. Public ...