WordPress Contact Form by TotalForm plugin <= 1.0.0 - Malicious Polyfill.io Embed vulnerability

Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Contact Form by TotalForm versions = 1.0.0...

WordPress Contact Form by TotalForm Plugin <= 1.0.0 is vulnerable to Backdoor

Software Contact Form by TotalForm Type Plugin Vulnerable versions = 1.0.0 Fixed in 1.1.0 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 0dad1dc6ec75 Credits Sansec.io Required privilege Unauthenticated Published ...