Description
WordPress Plugin Contact Form by BestWebSoft is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Contact Form by BestWebSoft version 3.82 is vulnerable; other versions may also be affected.
Remediation
Update to plugin version 3.83 or latest
References
Related Vulnerabilities
Joomla! Core 1.0 Remote File Inclusion (1.0.0)
WordPress Plugin Add Link to Facebook Cross-Site Scripting (2.2.7)
WordPress Plugin Migration, Backup, Staging-WPvivid SQL Injection (0.9.52)
UAParser.js Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-4229)
WordPress Plugin WP Web Scraper Unspecified Vulnerability (2.4)