CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42358

The Contact Form With Captcha WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing nonce validation in the ~/cfwc-form.php file during contact form submission, which made it possible for attackers to inject arbitrary web scripts in versions up to, and including 1.6.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.1%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

Products affected by CVE-2021-42358

Contact Form With Captcha Project » Contact Form With Captcha » Version: N/A

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:-
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.0

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.0
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.1

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.1
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.2

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.2
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.3

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.3
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.4

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.4
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.5

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.5
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.5.1

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.5.1
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.5.2

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.5.2
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.5.3

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.5.3
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.5.4

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.5.4
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.5.5

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.5.5
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.5.6

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.5.6
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.5.7

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.5.7
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.5.8

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.5.8
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.5.9

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.5.9
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.6.0

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.6.0
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.6.1

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.6.1
Contact Form With Captcha Project » Contact Form With Captcha » Version: 1.6.2

cpe:2.3:a:contact_form_with_captcha_project:contact_form_with_captcha:1.6.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42358

Products

Pricing

Contact Us