First published: Thu Jun 16 2022(Updated: )
A vulnerability classified as problematic has been found in BestWebSoft Contact Form Plugin 4.0.0. This affects an unknown part. The manipulation leads to basic cross site scripting (Stored). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.0.2 is able to address this issue. It is recommended to upgrade the affected component.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Bestwebsoft Contact Form | =4.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2017-20055 is medium with a CVSS score of 5.4.
The affected software of CVE-2017-20055 is BestWebSoft Contact Form Plugin version 4.0.0.
The CWE of CVE-2017-20055 is CWE-79 and CWE-80.
CVE-2017-20055 allows remote attackers to execute basic cross-site scripting attacks.
To fix CVE-2017-20055, update the BestWebSoft Contact Form Plugin to a version that is not affected by the vulnerability.