3 matches found
CVE-2017-18489
The contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS...
CVE-2017-18489
The contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS...
CVE-2017-18489
CVE-2017-18489 affects the WordPress plugin Contact Form 7 SMS Addon prior to v2.4.0. The vulnerability is a reflected XSS in the file that prints the GET parameter 'to' (vulnerability in plugins/clockwork-two-factor-authentication/templates/clockwork-test-message.php per PoC). Exploitation targe...