3 matches found
CVE-2014-3841
Cross-site scripting XSS vulnerability in the Contact Bank plugin before 2.0.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third party information...
CVE-2014-3841
The CVE-2014-3841 issue affects the WordPress Contact Bank Plugin (pre-2.0.20). The vulnerability is a stored/reflected XSS via the Label field tied to the plugin’s form layout configuration, allowing remote attackers to inject arbitrary script/HTML. Root cause: improper handling of input in the ...
CVE-2014-3841
Cross-site scripting XSS vulnerability in the Contact Bank plugin before 2.0.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the Label field, related to form layout configuration. NOTE: some of these details are obtained from third party information...