WordPress Plugin Vulnerabilities

Contact Form 7 Integrations 1.0 - 1.3.10 Multiple Cross-Site scripting (XSS)

Description

The contact-form-7-integrations WordPress plugin was affected by a 1.3.10 Multiple Cross-Site scripting (XSS) security vulnerability.

Affects Plugins

Plugin icon
contact-form-7-integrations
Fixed in 1.3.10

References

CVE
CVE-2014-6445
URL
https://g0blin.co.uk/cve-2014-6445/

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
bb5efecf-a5c6-40ff-9603-a2032dd39f41

Timeline

Publicly Published
2014-10-06 (about 11 years ago)
Added
2014-10-06 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2023-10-22
Title
Smart Online Order for Clover < 1.5.5 - Reflected XSS
Published
2016-07-14
Title
WP No External Links <= 3.5.15 - Cross-Site Scripting (XSS)
Published
2024-04-19
Title
reCAPTCHA Jetpack <= 0.2.2 - Stored XSS via CSRF
Published
2022-06-01
Title
Active Products Tables for WooCommerce < 1.0.5 - Reflected Cross-Site-Scripting
Published
2023-11-07
Title
Under Construction / Maintenance Mode from Acurax <= 2.6 - Unauthenticated Stored XSS