The 123ContactForm for WordPress plugin, which is used on WordPress websites, has a security vulnerability in versions 1.5.6 and earlier. This vulnerability makes it possible for someone without permission to create posts on the website. This is because the plugin did not correctly validate signatures when it used the cfp_new_post function.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
