Contact Form DB <= 2.8.29 - Cross-Site Request Forgery (CSRF)

Affects Plugin

fixed in version 2.8.32
- plugin closed

References

CVE 2015-1874
PacketStorm 130654
URL https://security.dxw.com/advisories/csrf-in-contact-form-db-allows-attacker-to-delete-all-stored-form-submissions/

Classification

Type CSRF
CWE CWE-352

Miscellaneous

Submitter pvdl
Views 5619
Verified No
WPVDB ID 7826

Timeline

Publicly Published 2015-03-04 (over 5 years ago)
Added 2015-03-05 (over 5 years ago)
Last Updated 2019-10-21 (9 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin