CVE-2014-7240
CVE-2014-7240 describes an XSS in the WordPress plugin Easy Contact Form Solution (versions prior to 1.7). The vulnerability arises in the master_response action to wp-admin/admin-ajax.php, where an attacker can inject arbitrary script or HTML via the value parameter. Affected component: Easy Con...