EIP-2026-113992
PRE-CVEWordPress Plugin Quick Contact Form 6.0 - Persistent Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-113992. PoCs published by Zy0d0x.
AI-analyzed exploit summary This is a security advisory detailing a persistent Cross-Site Scripting (XSS) vulnerability in the Quick Contact Form WordPress plugin version 6.0. The vulnerability arises from insufficient input validation and output sanitization of the 'qcfname4' parameter, allowing attackers to inject malicious scripts.
Description
WordPress Plugin Quick Contact Form 6.0 - Persistent Cross-Site Scripting
Exploits (1)
This is a security advisory detailing a persistent Cross-Site Scripting (XSS) vulnerability in the Quick Contact Form WordPress plugin version 6.0. The vulnerability arises from insufficient input validation and output sanitization of the 'qcfname4' parameter, allowing attackers to inject malicious scripts.