A vulnerability was found in BestWebSoft Contact Form Plugin up to 4.2.8 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument cntctfrm_contact_subject leads to cross site scripting.

This vulnerability is known as CVE-2024-2200. The attack can be launched remotely. There is no exploit available.