Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Clean-contact Project Subscribe
Filtered by product Clean-contact
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1914 1 Clean-contact Project 1 Clean-contact 2022-07-06 4.3 MEDIUM 4.3 MEDIUM
The Clean-Contact WordPress plugin through 1.6 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored XSS due to the lack of sanitisation and escaping as well