oss-sec mailing list archives
CVE Request - Cross-Site Request Forgery, Cross-Site Scripting and SQL Injection in CP Contact Form with Paypal Wordpress Plugin v1.1.5
From: Nitin Venkatesh <venkatesh.nitin () gmail com>
Date: Sat, 11 Jul 2015 04:06:07 +0000
Hi, I discovered Cross-Site Request Forgery, Cross-Site Scripting and SQL Injection in CP Contact Form with Paypal Wordpress Plugin v1.1.5 which was responsibly disclosed to the vendor who fixed the issues in v1.1.6. I request a CVE for the same. References: http://seclists.org/fulldisclosure/2015/Jul/49 Thanks & regards, Nitin Venkatesh
Current thread:
- CVE Request - Cross-Site Request Forgery, Cross-Site Scripting and SQL Injection in CP Contact Form with Paypal Wordpress Plugin v1.1.5 Nitin Venkatesh (Jul 10)