RSS   Vulnerabilities for 'Cp contact form with paypal'   RSS

2017-09-29
 
CVE-2015-9234

 

 
The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin before 1.1.6 for WordPress has SQL injection via the cp_contactformpp_id parameter to cp_contactformpp.php.

 
 
CVE-2015-9233

 

 
The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin before 1.1.6 for WordPress has CSRF with resultant XSS, related to cp_contactformpp.php and cp_contactformpp_admin_int_list.inc.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top