5 matches found
CVE-2021-42358
creationtimestamp| type| source ---|---|--- 2021-11-29 22:33:33+00:00| seen| https://t.me/cibsecurity/33055...
CVE-2021-42358
The Contact Form With Captcha WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation in the /cfwc-form.php file during contact form submission, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 1.6.2...
CVE-2021-42358 Contact Form With Captcha <= 1.6.2 Cross-Site Request Forgery to Reflected Cross-Site Scripting
The Contact Form With Captcha WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation in the /cfwc-form.php file during contact form submission, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 1.6.2...
CVE-2021-42358
The WordPress plugin “Contact Form With Captcha” is vulnerable to Cross-Site Request Forgery (CSRF) due to missing nonce validation in the cfwc-form.php submission path, affecting versions up to 1.6.2. Connected sources corroborate this CSRF flaw and note the vulnerability can enable injection of...
CVE-2021-42358 Contact Form With Captcha <= 1.6.2 Cross-Site Request Forgery to Reflected Cross-Site Scripting
The Contact Form With Captcha WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation in the /cfwc-form.php file during contact form submission, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 1.6.2...