High Severity Vulnerability Leads to Closure of Plugin with Over 100,000 Installations
|
System information
|
| |
|
|
Affected software |
Wordpress |
Description
|
On April 1, 2020, the Wordfence Threat Intelligence team discovered a stored Cross Site Scripting (XSS) vulnerability in Contact Form 7 Datepicker, a WordPress plugin installed on over 100,000 sites. As the plugin developer’s github page indicated that the plugin was no longer being maintained, we contacted the WordPress plugins team with our disclosure, and […]
More info:
https://www.wordfence.com/blog/2020/04/high-severity-vulnerability-leads-to-closure-of-plugin-with-over-100000-installations/ |
Standar resources
|
|
Property |
Value |
|
CVE |
|
