PT-2023-10011 · Bestwebsoft · Bestwebsoft Contact Form Plugin

CVE-2013-10022

·

Published

2023-04-05

·

Updated

2024-05-17

CVSS v2.0

4.0

Medium

VectorAV:N/AC:L/Au:S/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions BestWebSoft Contact Form Plugin version 3.51
Description A vulnerability has been found in the BestWebSoft Contact Form Plugin, affecting the function cntctfrm display form/cntctfrm check form of the file contact form.php. This issue leads to cross-site scripting and can be launched remotely.
Recommendations For BestWebSoft Contact Form Plugin version 3.51, upgrade to version 3.52 to address this issue. As a temporary workaround, consider disabling the cntctfrm display form/cntctfrm check form function until the patch is applied. Restrict access to the contact form.php file to minimize the risk of exploitation.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2013-10022

Affected Products

Bestwebsoft Contact Form Plugin