10 matches found
EUVD-2024-50978
Malicious code in bioql PyPI...
CVE-2024-12587
The Contact Form Master WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress Contact Form Master plugin <= 1.0.7 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Contact Form Master – by Edmon versions = 1.0.7...
CVE-2024-12587
The Contact Form Master WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12587
The Contact Form Master WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12587 Contact Form Master <= 1.0.7 - Reflected XSS
The Contact Form Master WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12587
The CVE CVE-2024-12587 affects the WordPress plugin Contact Form Master (≤1.0.7). Description: it does not sanitize/escape a parameter before outputting it, enabling a Reflected Cross-Site Scripting that could target admin-level users. Connected sources corroborate the Reflected XSS vector and th...
CVE-2024-12587 Contact Form Master <= 1.0.7 - Reflected XSS
The Contact Form Master WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
PT-2025-1902 · WordPress · Contact Form Maker
The vulnerable software is the Contact Form Master WordPress plugin, with versions up to 1.0.7 being affected. The vulnerability is a Reflected Cross-Site Scripting XSS vulnerability, which occurs because the plugin does not sanitize and escape a parameter before outputting it back in the page...
WordPress plugin Contact Form Master 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exis...