WordPress Plugin Vulnerabilities

Quick Contact Form 6.0 - Stored XSS

Description

The Quick Contact Form WordPress plugin was affected by a Stored XSS security vulnerability.

Affects Plugins

Plugin icon
quick-contact-form
Fixed in 6.1

References

Exploitdb
28808
URL
https://packetstormsecurity.com/files/#123549/
URL
http://quick-plugins.com/quick-contact-form/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Verified
No
WPVDB ID
a9563b58-81c8-43ce-8772-805bad6c98f7

Timeline

Publicly Published
2013-10-08 (about 12 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2019-07-16
Title
Coming Soon Page & Maintenance Mode < 1.8.2 - Unauthenticated Stored XSS
Published
2022-05-04
Title
Checkout Files Upload for WooCommerce < 2.1.3 - Reflected Cross-Site Scripting
Published
2024-05-17
Title
DethemeKit For Elementor < 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets
Published
2014-08-01
Title
Blogst& Smart Banner 1.0 - blogst&-banner.php bs_blog_id Parameter XSS
Published
2024-09-12
Title
WP Meta SEO < 4.5.14 - Authenticated (Administrator+) Stored Cross-Site Scripting