2 matches found
CVE-2019-25145
The Contact Form & SMTP Plugin by PirateForms plugin for WordPress is vulnerable to HTML injection in the ‘public/class-pirateforms-public.php’ file in versions up to, and including, 2.5.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2019-25145
CVE-2019-25145 concerns the WordPress plugin “Contact Form & SMTP Plugin by PirateForms.” The vulnerability affects public/class-pirateforms-public.php up to version 2.5.1 and stems from insufficient input sanitization and output escaping. This allows unauthenticated attackers to inject arbitrary...