Descrição
The Contact Form With Captcha WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation in the ~/cfwc-form.php file during contact form submission, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 1.6.2.
Software
Não informado
Tipo Software
Plugin
CVE
CVE-2021-42358
Tags
Nâo informado
Data de publicação
29/11/2021
Última atualização
11/03/2022
Pontuação em CVSS 3.0
8.8
Alto