The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin prior to 1.1.6 for WordPress has CSRF with resultant XSS, related to cp_contactformpp.php and cp_contactformpp_admin_int_list.inc.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
codepeople cp contact form with paypal |