Security Advisory

CVE-2021-25079

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-01-24 08:01:27

Last updated 2024-08-03 19:56:09

Assigner WPScan

State PUBLISHED

Description

The Contact Form Entries WordPress plugin before 1.2.4 does not sanitise and escape various parameters, such as form_id, status, end_date, order, orderby and search before outputting them back in the admin page

← Browse all CVEs View on cve.org ↗