Vulnerabilities and security researches forcontact-us-by-lord-linus contact-us-by-lord-linus

Feb 13, 2025

CVE, Research URL: CVE-2025-25127
Home page URL: Security reports for Contact Us By Lord Linus
Application: Contact Us By Lord Linus
Date: Mar 03, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rohitashv Singhal Contact Us By Lord Linus allows Reflected XSS. This issue affects Contact Us By Lord Linus: from n/a through 2.6.
Affected versions: Min -, max -.
Status: vulnerable

May 11, 2025

CVE, Research URL: CVE-2025-1382
Home page URL: Security reports for Contact Us By Lord Linus
Application: Contact Us By Lord Linus
Date: Mar 09, 2025
Research Description: The Contact Us By Lord Linus WordPress plugin through 2.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.
Affected versions: Min -, max -.
Status: vulnerable