WordPress Contact Form Email 1.2.65 CSRF / Cross Site Scripting

WordPress Contact Form Email 1.2.65 CSRF / Cross Site Scripting
WordPress Contact Form Email plugin version 1.2.65 suffers from cross site request forgery and cross site scripting vulnerabilities.