CVE-2014-4583 Information
Feb 14, 2021
cve
Description
Multiple cross-site scripting (XSS) vulnerabilities in forms/messages.php in the WP-Contact (wp-contact-sidebar-widget) plugin 1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) edit (2) order_direction (3) limit_start (4) id or (5) order parameter.
Reference
http://codevigilant.com/disclosure/wp-plugin-wp-contact-sidebar-widget-a3-cross-site-scripting-xss
Share on: