CVE-2024-2198 | BestWebSoft Contact Form Plugin up to 4.2.8 on WordPress cntctfrm_contact_address cross site scripting

Inserito da Angelo Barbosa | Mar 14, 2024 | CVE

A vulnerability has been found in BestWebSoft Contact Form Plugin up to 4.2.8 on WordPress and classified as problematic. This vulnerability affects the function cntctfrm_contact_address. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-2198. The attack can be initiated remotely. There is no exploit available.

CVE-2024-2198 | BestWebSoft Contact Form Plugin up to 4.2.8 on WordPress cntctfrm_contact_address cross site scripting

Post correlati

CVE-2023-50804 | Samsung Auto T5123 NAS Module improper authentication

CVE-2024-32964 | lobehub lobe-chat up to 0.150.5 /api/proxy server-side request forgery

CVE-2023-48245 | Rexroth Nexo Cordless Nutrunner up to V1500-SP2 HTTP Request authorization

CVE-2024-3664 | Quick Featured Images Plugin up to 13.7.0 on WordPress Thumbnail authorization