ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Contact Form DB Plugin <= 2.8.17 - Reflected XSS

Product
Contact Form DB
Description
This plugin is prone to a reflected cross site scripting vulnerability in Admin Area.
Solution
Update the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Software Talk
CVE
Name CVE-N/A
Versions
Affected In <= 2.8.17
Fixed In 2.8.18
Disclosure date
2014-11-26
Submitter
ThreatPress