CyberSec.Space Logo
Back to CVE Browser

CVE-2017-1002027

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0480%
EPSS Percentile36.02th
PublishedSep 14, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

Vulnerability in wordpress plugin rk-responsive-contact-form v1.0, The variable $delid isn't sanitized before being passed into an SQL query in file ./rk-responsive-contact-form/include/rk_user_list.php.

Affected Platforms (CPE)

πŸ“¦
Rayanehdownload

Rk Responsive Contact Form

= 1.0

References & Advisories

πŸ”— http://www.vapidlabs.com/advisory.php?v=198
πŸ”— https://wordpress.org/plugins/rk-responsive-contact-form/
πŸ”— https://wpvulndb.com/vulnerabilities/8889
πŸ”— http://www.vapidlabs.com/advisory.php?v=198
πŸ”— https://wordpress.org/plugins/rk-responsive-contact-form/
πŸ”— https://wpvulndb.com/vulnerabilities/8889

Related Vulnerabilities

CVE-2014-72406.1

Cross-site scripting (XSS) vulnerability in the Easy Contact Form Solution plugin before 1.7 for WordPress allows remote attackers...

CVE-2021-245135.4

The Form Builder | Create Responsive Contact Forms WordPress plugin before 1.9.8.4 does not sanitise or escape its Form Title, all...

CVE-2017-332410.0

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone...

CVE-2017-379110.0

A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication ...