First published: Tue Aug 13 2019(Updated: )
The contact-form-plugin plugin before 3.52 for WordPress has XSS.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Bestwebsoft Contact Form | <3.52 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-7475 is a vulnerability in the contact-form-plugin plugin before version 3.52 for WordPress that allows for cross-site scripting (XSS) attacks.
CVE-2013-7475 has a severity level of medium, with a CVSS score of 6.1.
The Bestwebsoft Contact Form plugin versions up to, but not including, 3.52 for WordPress are affected by CVE-2013-7475.
To fix CVE-2013-7475, update the contact-form-plugin plugin to version 3.52 or higher.
Additional information about CVE-2013-7475 can be found at the official WordPress plugin page: https://wordpress.org/plugins/contact-form-plugin/#developers