First published: Tue Aug 13 2019(Updated: )
The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Bestwebsoft Contact Form To Db Wordpress | <1.5.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-18492 is a vulnerability in the contact-form-to-db plugin before version 1.5.7 for WordPress that allows for multiple XSS (Cross-Site Scripting) issues.
CVE-2017-18492 has a severity rating of medium with a CVSS score of 6.1.
The affected software is the contact-form-to-db plugin before version 1.5.7 for WordPress.
To fix CVE-2017-18492, you should update the contact-form-to-db plugin to version 1.5.7 or higher.
You can find more information about CVE-2017-18492 on the official WordPress plugin page: https://wordpress.org/plugins/contact-form-to-db/#developers