WordPress Contact Form Maker 1.12.20 XSS / CSRF / SQL Injection
Posted on 07 June 2018
WordPress Contact Form Maker plugin versions 1.12.20 and below suffer from cross site scripting, cross site request forgery, and remote SQL injection vulnerabilities.