Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin cformsII lib_ajax.php Multiple Cross-Site Scripting Vulnerabilities - CVE-2010-3977 - Vulnerability Database
WP Plugin Cforms

WordPress Plugin cformsII lib_ajax.php Multiple Cross-Site Scripting Vulnerabilities - CVE-2010-3977

Medium
Reference: CVE-2010-3977
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2010-3977
Title: WordPress Plugin cformsII lib_ajax.php Multiple Cross-Site Scripting Vulnerabilities
Overview:

WordPress Plugin cformsII is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Attacker supplied HTML and script code would execute in the context of the affected site potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user other attacks are also possible. WordPress Plugin cformsII version 13.1 is vulnerable other versions may also be affected.