cve/2023/CVE-2023-37988.md

CVE-2023-37988

Description

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Creative Solutions Contact Form Generator plugin <= 2.5.5 versions.

POC

Reference

• http://packetstormsecurity.com/files/174896/WordPress-Contact-Form-Generator-2.5.5-Cross-Site-Scripting.html

Github

• https://github.com/codeb0ss/CVE-2023-37988-PoC
• https://github.com/fkie-cad/nvd-json-data-feeds
• https://github.com/nomi-sec/PoC-in-GitHub