CVE-2024-2200 | BestWebSoft Contact Form Plugin up to 4.2.8 on WordPress cntctfrm_contact_subject cross site scripting

Posted by Angelo Barbosa | Mar 14, 2024 | CVE

A vulnerability was found in BestWebSoft Contact Form Plugin up to 4.2.8 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument cntctfrm_contact_subject leads to cross site scripting.

This vulnerability is known as CVE-2024-2200. The attack can be launched remotely. There is no exploit available.

CVE-2024-2200 | BestWebSoft Contact Form Plugin up to 4.2.8 on WordPress cntctfrm_contact_subject cross site scripting

Related Posts

CVE-2024-32546 | Adam Bowen Tax Rate Upload Plugin up to 2.4.5 on WordPress cross site scripting

CVE-2023-49821 | WP Live Chat Plugin up to 4.5.15 on WordPress cross-site request forgery

CVE-2023-43626 | Intel CPU UEFI Firmware access control (intel-sa-01071)

CVE-2023-52494 | Linux Kernel up to 5.15.148/6.1.75/6.6.14/6.7.2 mhi is_valid_ring_ptr memory corruption