-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Tue, Feb 05, 2019 at 04:25:25PM +0100, Tim Coen wrote:
> https://security-consulting.icu/blog/2019/02/wordpress-contact-form-email-xss-csrf/
MITRE assigned CVE-2019-9646 for this vulnerability.
- --
Henri Salo
-BEGIN PGP SIGNATURE-
* Vulnerability: XSS & CSRF
* Affected Software: [Contact Form
Email](https://wordpress.org/plugins/contact-form-to-email/)
* Affected Version: 1.2.65
* Patched Version: 1.2.66
* CVE: not requested
* Risk: Medium
* Vendor Contacted: 10/31/2018
* Vendor Fix: 10/31/2018
* Public