CVE-2022-0248
Contact Form Submissions < 1.7.3 - Unauthenticated Stored XSS
The Contact Form Submissions WordPress plugin before 1.7.3 does not sanitise and escape additional fields in contact form requests before outputting them in the related submission. As a result, unauthenticated attacker could perform Cross-Site Scripting attacks against admins viewing the malicious submission
Produtos afetados
Unknown · Contact Form SubmissionsQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →