CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-7240

Cross-site scripting (XSS) vulnerability in the Easy Contact Form Solution plugin before 1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the value parameter in a master_response action to wp-admin/admin-ajax.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.8%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2014-7240

Formget » Easy Contact Form Solution » Version: 1.0

cpe:2.3:a:formget:easy_contact_form_solution:1.0
Formget » Easy Contact Form Solution » Version: 1.1

cpe:2.3:a:formget:easy_contact_form_solution:1.1
Formget » Easy Contact Form Solution » Version: 1.2

cpe:2.3:a:formget:easy_contact_form_solution:1.2
Formget » Easy Contact Form Solution » Version: 1.3

cpe:2.3:a:formget:easy_contact_form_solution:1.3
Formget » Easy Contact Form Solution » Version: 1.4

cpe:2.3:a:formget:easy_contact_form_solution:1.4
Formget » Easy Contact Form Solution » Version: 1.5

cpe:2.3:a:formget:easy_contact_form_solution:1.5
Formget » Easy Contact Form Solution » Version: 1.6

cpe:2.3:a:formget:easy_contact_form_solution:1.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-7240

Products

Pricing

Contact Us