Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Creative Solutions Contact Form Generator plugin <= 2.5.5 versions.
References
| Link | Resource |
|---|---|
| https://patchstack.com/database/vulnerability/contact-form-generator/wordpress-contact-form-generator-plugin-2-5-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | Third Party Advisory |
| http://packetstormsecurity.com/files/174896/WordPress-Contact-Form-Generator-2.5.5-Cross-Site-Scripting.html | Exploit Third Party Advisory VDB Entry |
Configurations
History
19 Oct 2023, 20:27
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
15 Aug 2023, 12:41
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:creative-solutions:contact_form_generator:*:*:*:*:*:wordpress:*:* | |
| First Time |
Creative-solutions
Creative-solutions contact Form Generator |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
| References | (MISC) https://patchstack.com/database/vulnerability/contact-form-generator/wordpress-contact-form-generator-plugin-2-5-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve - Third Party Advisory |
10 Aug 2023, 11:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-08-10 11:15
Updated : 2023-10-19 20:27
NVD link : CVE-2023-37988
Mitre link : CVE-2023-37988
JSON object : View
Products Affected
creative-solutions
- contact_form_generator
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')