mdsimpson / contact-form-7-to-database-extension

CFDB - WordPress plugin to save form submissions into a database
GNU General Public License v3.0

CSV Injection #59

Closed: mjohnsonwpfx closed 6 years ago

mjohnsonwpfx commented 6 years ago

Hello,

There is a vulnerability with this plugin... https://wpvulndb.com/vulnerabilities/9060

I realize the version it references in this article is not the most recent version of this plugin (because I believe it is going off of the WP plugin repo), but I did compare that version to your most recent version here on GitHub and the lines it references are the same. https://www.exploit-db.com/exploits/44367/

Do you have any plans to release an update that patches this?

Here's a link I found on the wp plugin page support too... https://wordpress.org/support/topic/contact-form-db-2-8-13-2-x-cross-site-scripting-xss/

Thanks!

mdsimpson commented 6 years ago

Fixed in 2.10.36

mjohnsonwpfx commented 6 years ago

Awesome, thanks!