The Contact Bank plugin for WordPress is vulnerable to a security issue called Cross-Site Scripting. This means that people with bad intentions can inject malicious code into the plugin. This affects versions of the plugin before 2.0.226 and could allow attackers to execute malicious code in someone else’s browser. It is caused by the plugin not properly sanitizing data input and not properly escaping data output.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)
