Cross-Site Request Forgery, Cross-Site Scripting and SQL Injection in CP Contact Form with Paypal WordPress Plugin v1.1.5

July 10, 2015 007admin Leave a comment

Posted by Nitin Venkatesh on Jul 10

# Title: Cross-Site Request Forgery, Cross-Site Scripting and SQL Injection
in CP Contact Form with Paypal WordPress Plugin v1.1.5
# Submitter: Nitin Venkatesh
# Product: CP Contact Form with Paypal WordPress Plugin
# Product URL: https://wordpress.org/plugins/cp-contact-form-with-paypal/
# Vulnerability Type: Cross-site Request Forgery [CWE-352], Cross-site
scripting[CWE-79], Improper Neutralization of Special Elements used in an
SQL Command…

007 Software

Cross-Site Request Forgery, Cross-Site Scripting and SQL Injection in CP Contact Form with Paypal WordPress Plugin v1.1.5

Leave a Reply Cancel reply

Software and Security Information