2 matches found
CVE-2014-4583
Multiple cross-site scripting XSS vulnerabilities in forms/messages.php in the WP-Contact wp-contact-sidebar-widget plugin 1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 edit, 2 orderdirection, 3 limitstart, 4 id, or 5 order parameter...
CVE-2014-4583
CVE-2014-4583 affects the WP-Contact (wp-contact-sidebar-widget) WordPress plugin (versions 1.0 and earlier). Multiple reflected XSS vulnerabilities exist in forms/messages.php, exploitable via the parameters edit, order_direction, limit_start, id, and order, allowing remote attackers to inject a...