Really Simple Security logo

Log out
Get PRO

Black Friday Deals 40% OFF

Days
Hours
Minutes

USE CODE: BF2025

Latest

Input validation vulnerability in Contact Form Email 1.01

  • Severity: high-risk
  • Status: Fixed
  • Publication: November 22, 2014

The Contact Form Email plugin for WordPress has a security vulnerability that could allow unauthenticated attackers to inject malicious web scripts into pages. This vulnerability affects versions 1.01 and earlier, because the plugin does not properly sanitize user input or escape output. If a user visits an injected page, the malicious web script will execute.

Detected in:

Contact Form Email fixed vulnerable versions: >= * < 1.0.1

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.