Contact Form by Supsystic, CVE-2021-24276

CVE, Research URL: CVE-2021-24276
Home page URL: Security reports for Contact Form by Supsystic
Application: Contact Form by Supsystic
Published on: May 06, 2021
Research Description: The Contact Form by Supsystic WordPress plugin before 1.7.15 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
Affected versions: max 1.7.11.
Status: vulnerable