First published: Tue Aug 13 2019(Updated: )
The contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Bestwebsoft Contact Form | <4.0.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for the contact-form-plugin for WordPress is CVE-2017-18491.
The severity of CVE-2017-18491 is medium.
The affected software for CVE-2017-18491 is the contact-form-plugin plugin before version 4.0.6 for WordPress.
The Common Weakness Enumeration (CWE) for CVE-2017-18491 is CWE-79.
To fix the XSS issues in the contact-form-plugin for WordPress, you should upgrade to version 4.0.6 or later of the plugin.