Reflected XSS in Contact Form Master WordPress Plugin Pre-1.0.8
The Contact Form Master WordPress plugin up to version 1.0.7 has a Reflected Cross-Site Scripting vulnerability. It doesn't sanitize and escape a parameter before showing it on the page. This can target high privilege users like admin.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
unknown contact form master |