Cross-Site Scripting Vulnerability in Multiple WordPress Plugins by BestWebSoft
CVE-2017-2171
6.1MEDIUM
What is CVE-2017-2171?
The vulnerability allows remote attackers to inject arbitrary web scripts or HTML into applications utilizing multiple BestWebSoft plugins. Specifically, the affected plugins prior to specified versions can be exploited via the function that displays the BestWebSoft menu, potentially compromising the integrity of the web application and exposing sensitive data.
Affected Version(s)
Captcha prior to version 4.3.0
Car Rental prior to version 1.0.5
Contact Form prior to version 4.0.6