Lucene search
K

8 matches found

NVD
NVD
added 2026/02/14 7:16 a.m.3 views

CVE-2026-0753

The Super Simple Contact Form plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sscfname' parameter in all versions up to, and including, 1.6.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.2CVSS0.00339EPSS
Exploits0References5
CVE
CVE
added 2026/02/14 6:42 a.m.14 views

CVE-2026-0753

Product affected: WordPress plugin “Super Simple Contact Form” (WP repository plugin). Vulnerability: Reflected Cross-Site Scripting via the request parameter sscf_name . Root cause: Insufficient input sanitization and output escaping in all versions up to and including 1.6.2. Impact: Unauthentic...

7.2CVSS5.8AI score0.00339EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/14 12:0 a.m.10 views

WordPress plugin Super Simple Contact Form 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.2CVSS5.8AI score0.00339EPSS
Exploits0References5
NVD
NVD
added 2011/11/02 9:55 p.m.14 views

CVE-2010-5038

PHP remote file inclusion vulnerability in contact/contact.php in Groone's Simple Contact Form allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter...

7.5CVSS7.5AI score0.01546EPSS
Exploits1References4
Prion
Prion
added 2011/11/02 9:55 p.m.9 views

Remote file inclusion

PHP remote file inclusion vulnerability in contact/contact.php in Groone's Simple Contact Form allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter...

7.5CVSS8AI score0.01546EPSS
Exploits1References4
Cvelist
Cvelist
added 2011/11/02 9:0 p.m.18 views

CVE-2010-5038

PHP remote file inclusion vulnerability in contact/contact.php in Groone's Simple Contact Form allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter...

7.5AI score0.01546EPSS
Exploits1References4
CVE
CVE
added 2011/11/02 9:0 p.m.35 views

CVE-2010-5038

The CVE-2010-5038 entry describes a PHP remote file inclusion vulnerability in Groone’s Simple Contact Form, specifically in contact/contact.php. The issue allows an attacker to cause arbitrary PHP code execution by supplying a malicious URL in the abspath parameter. Affected software component: ...

7.5CVSS7.8AI score0.01546EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2007/08/03 8:17 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in sample-forms/simple-contact-form-with-preview/simple-contact-form-with-preview.html in MitriDAT eMail Form Processor Pro allows remote attackers to inject arbitrary web script or HTML via the basepath parameter, possibly related to 1 formprocessorpro.php ...

4.3CVSS6.3AI score0.01065EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder