Vulnerability Details CVE-2012-6312
Cross-site scripting (XSS) vulnerability in the Video Lead Form plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the errMsg parameter in a video-lead-form action to wp-admin/admin.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.5%
CVSS Severity
CVSS v2 Score 4.3
References
Products affected by CVE-2012-6312
-
cpe:2.3:a:video-lead-form:uk-cookie:-
-
cpe:2.3:a:wordpress:wordpress:-