First published: Tue Aug 13 2019(Updated: )
The contact-form-plugin plugin before 3.96 for WordPress has XSS.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Bestwebsoft Contact Form | <3.96 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for the contact-form-plugin plugin before version 3.96 of WordPress is CVE-2015-9295.
The severity of CVE-2015-9295 is medium with a CVSS score of 6.1.
The affected software for CVE-2015-9295 is the contact-form-plugin plugin before version 3.96 for WordPress.
The CWE category for CVE-2015-9295 is CWE-79 (Cross-Site Scripting).
To fix the XSS vulnerability in the contact-form-plugin plugin, you should update to version 3.96 or higher.