WordPress Contact Form Clean and Simple plugin <= 4.7.0 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
- Contact Form Clean and Simple
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability found by Jeroen Mulder in WordPress Contact Form Clean and Simple plugin (versions <= 4.7.0).
- 01.22.2020 - we were unable to find a patched version of this plugin.
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
- Name CVE-N/A
- Disclosure date
- Jeroen Mulder