Key Vulnerability Information Vulnerability ID: CVE-2014-125095 Product: BestWebSoft Contact Form Plugin 1.3.4 Platform: WordPress CVSS Meta Temp Score: 4.3 Current Exploit Price: $0-$5k CTI Interest Score: 0.00 Summary A vulnerability was found in BestWebSoft Contact Form Plugin 1.3.4 on WordPress. The issue is problematic as it involves the function in the file . Manipulating the argument leads to cross-site scripting. Details Affected Function: in . Vulnerability Type: Cross-site scripting due to manipulation of the argument. CWE Classification: CWE-79 (Improper Neutralization of Input Before Output in a Web Page). Impact: Integrity - the vulnerability allows for remotely launching attacks due to un-neutralized user-controllable input. Status: No known exploit available; recommended to upgrade the affected component.