CVE-2024-2200 | BestWebSoft Contact Form Plugin up to 4.2.8 on WordPress cntctfrm_contact_subject cross site scripting

Posted by Angelo Barbosa | Mar 14, 2024 | CVE

A vulnerability was found in BestWebSoft Contact Form Plugin up to 4.2.8 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument cntctfrm_contact_subject leads to cross site scripting.

This vulnerability is known as CVE-2024-2200. The attack can be launched remotely. There is no exploit available.

CVE-2024-2200 | BestWebSoft Contact Form Plugin up to 4.2.8 on WordPress cntctfrm_contact_subject cross site scripting

Related Posts

CVE-2024-4936 | Canto Plugin up to 3.0.8 on WordPress file inclusion

CVE-2024-1575 | Zyxel WBE660S up to 6.70(ACGG.3) Configuration File privileges management

CVE-2024-0814 | Google Chrome prior 121.0.6167.85 Payments Privilege Escalation

CVE-2024-45732 | Splunk Enterprise/Cloud Platform prior 9.2.3/9.3.1 authorization (SVD-2024-1002)