2 matches found
CVE-2014-6445
Multiple cross-site scripting XSS vulnerabilities in includes/toAdmin.php in Contact Form 7 Integrations plugin 1.0 through 1.3.10 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 uE or 2 uC parameter...
CVE-2014-6445
CVE-2014-6445 concerns the WordPress plugin Contact Form 7 Integrations (includes/toAdmin.php) with multiple XSS vulnerabilities in versions 1.0–1.3.10. The flaws allow remote attackers to inject arbitrary script/HTML via the uE or uC parameters. Public references (NVD, WPVulndb, OpenVAS entries,...