The "CP Contact Form with PayPal" plugin prior to 1.2.99 for WordPress has XSS in the publishing wizard via the wp-admin/admin.php?page=cp_contact_form_paypal.php&pwizard=1 cp_contactformpp_id parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
codepeople cp contact form with paypal |