CVE-2023-49766

CVSS V2 None CVSS V3 None
Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Ultimate Addons for Contact Form 7 allows Stored XSS.This issue affects Ultimate Addons for Contact Form 7: from n/a through 3.2.0.
Overview
  • CVE ID
  • CVE-2023-49766
  • Assigner
  • Patchstack
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-12-14T15:42:37.230Z
  • Last Modified Date
  • 2023-12-14T15:42:37.230Z
Weakness Enumerations
CWE URL
CWE-79 http://cwe.mitre.org/data/definitions/79.html
References
Reference URL Reference Tags
https://patchstack.com/database/vulnerability/ultimate-addons-for-contact-form-7/wordpress-ultimate-addons-for-contact-form-7-plugin-3-2-0-unauthenticated-cross-site-scripting-xss-vulnerability?_s_id=cve vdb-entry
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2023-49766
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49766
History
Created Old Value New Value Data Type Notes
2024-06-25 12:57:40 Added to TrackCVE