First published: Thu Aug 22 2019(Updated: )
The contact-form-plugin plugin before 3.3.5 for WordPress has XSS.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Bestwebsoft Contact Form | <3.3.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-7481 is a vulnerability in the contact-form-plugin plugin before version 3.3.5 for WordPress that allows for cross-site scripting (XSS) attacks.
CVE-2013-7481 has a severity rating of medium with a CVSS score of 6.1.
The Bestwebsoft Contact Form WordPress plugin versions up to and excluding 3.3.5 are affected by CVE-2013-7481.
To fix CVE-2013-7481, update the contact-form-plugin plugin to version 3.3.5 or newer.
More information about CVE-2013-7481 can be found at the official WordPress plugin page: https://wordpress.org/plugins/contact-form-plugin/#developers