The Easy Contact Form Pro plugin for WordPress had a security flaw that put it at risk for a type of attack called Stored Cross-Site Scripting. This means that people with limited access (like authors) could inject web scripts into pages that would run when someone else opened the page. The problem has been fixed in versions 1.1.1.9 and later
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
