First published: Tue Aug 13 2019(Updated: )
The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Bestwebsoft Contact Form Multi Wordpress | <1.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-18490 is a vulnerability found in the contact-form-multi plugin before version 1.2.1 for WordPress, which allows for multiple XSS (Cross-Site Scripting) attacks.
The severity of CVE-2017-18490 is rated as medium, with a CVSS score of 6.1.
CVE-2017-18490 affects the contact-form-multi plugin before version 1.2.1 for WordPress, introducing multiple XSS issues.
To fix CVE-2017-18490, it is recommended to update the contact-form-multi plugin to version 1.2.1 or later.
More information about CVE-2017-18490 can be found at the following link: [link](https://wordpress.org/plugins/contact-form-multi/#developers).