68 matches found
Multiple Vulnerabilities in WordPress Contact Form Manager Plugin
WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . Cross-site scripting and cross-site request forgery vulnerabilities exist in the WordPress Contact Form Manager...
WordPress Plugin Contact Form Manager - Cross-Site Request Forgery Cross-Site Scripting
WordPress Plugin Contact Form Manager - Cross-Site Request Forgery Cross-Site Scripting !-- Source: https://sumofpwn.nl/advisory/2016/crosssiterequestforgerycrosssitescriptingincontactformmanagerwordpressplugin.html Abstract It was discovered that Contact Form Manager does not protect against...
WordPress Contact Form Manager Plugin - Cross-Site Request Forgery / Cross-Site Scripting Vulnerabil
Exploit for php platform in category web applications !-- Source: https://sumofpwn.nl/advisory/2016/crosssiterequestforgerycrosssitescriptingincontactformmanagerwordpressplugin.html Abstract It was discovered that Contact Form Manager does not protect against Cross-Site Request Forgery. This allo...
WordPress Plugin Contact Form Manager - Cross-Site Request Forgery / Cross-Site Scripting
!-- Source: https://sumofpwn.nl/advisory/2016/crosssiterequestforgerycrosssitescriptingincontactformmanagerwordpressplugin.html Abstract It was discovered that Contact Form Manager does not protect against Cross-Site Request Forgery. This allows an attacker to change arbitrary Contact Form Manage...
Contact Form Manager - CSRF & Cross-Site Scripting (XSS)
The Contact Form Manager WordPress plugin was affected by a CSRF & Cross-Site Scripting XSS security vulnerability...
WordPress Contact Form Manager Plugin <= 1.4.1 - Reflected Cross Site Scripting
Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...
Contact Form Manager <= 1.4.1 - Authenticated Reflected Cross-Site Scripting (XSS)
The Contact Form Manager WordPress plugin was affected by an Authenticated Reflected Cross-Site Scripting XSS security vulnerability...
Form Manager <= 1.7.2 - Authenticated Remote Comm& Execution (RCE)
The wordpress-form-manager WordPress plugin was affected by an Authenticated Remote Comm& Execution RCE security vulnerability...