Lucene search
K

5 matches found

Cvelist
Cvelist
added 2014/10/10 2:0 p.m.22 views

CVE-2014-7139

Multiple cross-site scripting XSS vulnerabilities in the Contact Form DB aka CFDB and contact-form-7-to-database-extension plugin before 2.8.16 for WordPress allow remote attackers to inject arbitrary web script or HTML via the 1 form or 2 enc parameter in the CF7DBPluginShortCodeBuilder page to...

5.8AI score0.02041EPSS
Exploits3References5
CVE
CVE
added 2014/10/10 2:0 p.m.46 views

CVE-2014-7139

CVE-2014-7139 documents two XSS vulnerabilities in the WordPress plugin Contact Form DB (aka CFDB/contact-form-7-to-database-extension) up to version 2.8.13. The root cause is insufficient sanitization in the CF7DBPluginShortCodeBuilder page, allowing an attacker to craft GET parameters (form and...

4.3CVSS5.8AI score0.02041EPSS
Exploits3References5Affected Software1
Packet Storm
Packet Storm
added 2014/10/10 12:0 a.m.60 views

WordPress Contact Form DB 2.8.13 Cross Site Scripting

Advisory ID: HTB23233 Product: Contact Form DB WordPress plugin Vendor: Michael Simpson Vulnerable Versions: 2.8.13 and probably prior Tested Version: 2.8.13 Advisory Publication: September 17, 2014 without technical details Vendor Notification: September 17, 2014 Vendor Patch: September 25, 2014...

4.3CVSS0.2AI score0.02041EPSS
Exploits3
0day.today
0day.today
added 2014/10/10 12:0 a.m.82 views

WordPress Contact Form DB 2.8.13 Cross Site Scripting Vulnerability

WordPress Contact Form DB plugin version 2.8.13 suffers from a cross site scripting vulnerability. Product: Contact Form DB WordPress plugin Vendor: Michael Simpson Vulnerable Versions: 2.8.13 and probably prior Tested Version: 2.8.13 Advisory Publication: September 17, 2014 without technical...

4.3CVSS5.9AI score0.02041EPSS
Exploits3
htbridge
htbridge
added 2014/09/17 12:0 a.m.53 views

Two XSS in Contact Form DB WordPress plugin

High-Tech Bridge Security Research Lab discovered two XSS vulnerabilities in Contact Form DB WordPress plugin, which can be exploited to perform Cross-Site Scripting XSS attacks against administrator of a WordPress website with vulnerable plugin installed. 1 Two Cross-Site Scripting XSS...

2.6CVSS0.1AI score0.02041EPSS
Exploits3Affected Software1
Rows per page
Query Builder