Log out
Get PRO

Latest

Input validation vulnerability in Contact Bank – Contact Form Builder for WordPress 2.0.226

  • Severity: medium-risk
  • Status: Open
  • Publication: August 13, 2015

The Contact Bank plugin for WordPress is vulnerable to a security issue called Cross-Site Scripting. This means that people with bad intentions can inject malicious code into the plugin. This affects versions of the plugin before 2.0.226 and could allow attackers to execute malicious code in someone else’s browser. It is caused by the plugin not properly sanitizing data input and not properly escaping data output.

Detected in:

Contact Bank – Contact Form Builder for WordPress open vulnerable versions: >= * < 2.0.226

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.