Test ID:	1.3.6.1.4.1.25623.1.0.804770
Category:	Web application abuses
Title:	WordPress Contact Form 7 Integrations Multiple Cross Site Scripting Vulnerabilities
Summary:	WordPress Contact Form 7 Integrations is prone to multiple cross site scripting vulnerabilities.
Description:	Summary: WordPress Contact Form 7 Integrations is prone to multiple cross site scripting vulnerabilities. Vulnerability Insight: Flaws are due to the includes/toAdmin.php script does not validate input passed via 'uE' and 'uC' parameters. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Affected Software/OS: WordPress Contact Form 7 Integrations version 1.0 to 1.3.10 Solution: Upgrade to version 1.3.11 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-6445 http://research.g0blin.co.uk/cve-2014-6445/
Copyright	Copyright (C) 2014 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.