Vulnerabilities > Easy Contact Form PRO Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-05 | CVE-2021-24168 | Cross-site Scripting vulnerability in Easy Contact Form PRO Project Easy Contact Form PRO The Easy Contact Form Pro WordPress plugin before 1.1.1.9 did not properly sanitise the text fields (such as Email Subject, Email Recipient, etc) when creating or editing a form, leading to an authenticated (author+) stored cross-site scripting issue. | 3.5 |