2 matches found
CVE-2014-7240
Cross-site scripting XSS vulnerability in the Easy Contact Form Solution plugin before 1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the value parameter in a masterresponse action to wp-admin/admin-ajax.php...
CVE-2014-7240
CVE-2014-7240 describes an XSS in the WordPress plugin Easy Contact Form Solution (versions prior to 1.7). The vulnerability arises in the master_response action to wp-admin/admin-ajax.php, where an attacker can inject arbitrary script or HTML via the value parameter. Affected component: Easy Con...