2 matches found
CVE-2008-0198
Multiple cross-site request forgery CSRF vulnerabilities in wp-contact-form/options-contactform.php in the WP-ContactForm 1.5 alpha and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the 1 wpcfquestion, 2 wpcfsuccessmsg, or 3 wpcferrormsg parameter to...
CVE-2008-0198
CVE-2008-0198 documents multiple CSRF vulnerabilities in the WP-ContactForm WordPress plugin (versions 1.5 alpha and earlier) affecting the admin endpoint. The flaw occurs in wp-admin/admin.php via parameters wpcf_question, wpcf_success_msg, or wpcf_error_msg, allowing remote attackers to perform...