CVE-2008-0197

NONECVSS 0.0

0.0

Multiple cross-site scripting (XSS) vulnerabilities in wp-contact-form/options-contactform.php in the WP-ContactForm 1.5 alpha and earlier plugin for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) wpcf_email, (2) wpcf_subject, (3) wpcf_question, (4) wpcf_answer, (5) wpcf_success_msg, (6) wpcf_error_msg, or (7) wpcf_msg parameter to wp-admin/admin.php, or (8) the SRC attribute of an IFRAME element.

🔗 References (14)

cve@mitrehttp://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html
cve@mitrehttp://securityreason.com/securityalert/3539
cve@mitrehttp://securityvulns.ru/Sdocument546.html
cve@mitrehttp://securityvulns.ru/Sdocument667.html
cve@mitrehttp://websecurity.com.ua/1600/
cve@mitrehttp://websecurity.com.ua/1641/
cve@mitrehttp://www.securityfocus.com/archive/1/485786/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2008-January/059439.html
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/3539
af854a3a-2127-422b-91ae-364da2661108http://securityvulns.ru/Sdocument546.html
af854a3a-2127-422b-91ae-364da2661108http://securityvulns.ru/Sdocument667.html
af854a3a-2127-422b-91ae-364da2661108http://websecurity.com.ua/1600/
af854a3a-2127-422b-91ae-364da2661108http://websecurity.com.ua/1641/
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/485786/100/0/threaded

Is Your Infrastructure Affected by CVE-2008-0197?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-0197

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-0197?