VYPR

Encrypted Contact Form

by Everybit

Source repositories

CVEs (1)

  • CVE-2015-4010Jun 9, 2015
    risk 0.03cvss epss 0.05

    Cross-site request forgery (CSRF) vulnerability in the Encrypted Contact Form plugin before 1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the iframe_url parameter in an…