The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin prior to 1.1.6 for WordPress has SQL injection via the cp_contactformpp_id parameter to cp_contactformpp.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cfpaypal cp contact form with paypal |