Vulnerabilities > Formget > Easy Contact Form Solution > 1.6

DATE CVE VULNERABILITY TITLE RISK
2017-10-06 CVE-2014-7240 Cross-site Scripting vulnerability in Formget Easy Contact Form Solution
Cross-site scripting (XSS) vulnerability in the Easy Contact Form Solution plugin before 1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the value parameter in a master_response action to wp-admin/admin-ajax.php.
network
low complexity
formget CWE-79
6.1
6.1