3 matches found
CVE-2023-32520
Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0...
CVE-2023-32519
Missing Authorization vulnerability in Webcodin WCP Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WCP Contact Form: from n/a through 3.1.0...
CVE-2023-22703
CVE-2023-22703 concerns the WordPress plugin WCP Contact Form by Webcodin, with a Reflected Cross-Site Scripting (XSS) vulnerability in versions ≤ 3.1.0. The root cause is insufficient sanitisation of the tab parameter, causing unauthenticated, network-exposed but user-initiated (UI: REQUIRED) XS...