CVE-2008-0198 (WordPress)

CVE-2008-0198 (WordPress)
BugsAlert Home > CVE-2008-0198 (WordPress)




Multiple cross-site request forgery (CSRF) vulnerabilities in wp-contact-form/options-contactform.php in the WP-ContactForm 1.5 alpha and earlier plugin for WordPress allow remote attackers to perform actions as administrators via the (1) wpcf_question, (2) wpcf_success_msg, or (3) wpcf_error_msg parameter to wp-admin/admin.php. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0198 Learn more about CVE-2008-0198 (WordPress)


Tags: cve-2008-0198 wordpress

Related Items
Pagefusion Multiple Cross-Site Scripting Vulnerabilities
CVE-2008-0201 (ExpressionEngine)
CVE-2008-3487 (phpauction_gpl_enhanced)
PostgreSQL Privilege Escalation and Denial of Service Vulnerabilities
Patch Tuesday, December Edition
CVE-2007-6222 (Interleave)
MS08-040 ? Important: Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203) - Version:1.6