Cross site scripting

Cross-site scripting XSS vulnerability in xdresize.php in the Contact Form by ContactMe.com plugin 2.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the width parameter...

CVE-2014-4518

CVE-2014-4518 is a cross-site scripting vulnerability in the WordPress Contact Form Plugin (ContactMe.com)