Full title: WordPress CP Contact Form With Paypal 1.1.5 CSRF / XSS / SQL Injection Vulnerabilities Category: web applications Platform: php WordPress CP Contact Form with Paypal plugin version 1.1.5 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. # 0day.today @ http://0day.today/