19 matches found
EUVD-2025-201973
Missing Authorization vulnerability in bestwebsoft Contact Form by BestWebSoft contact-form-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by BestWebSoft: from n/a through = 4.3.5...
CVE-2025-63056
Missing Authorization vulnerability in bestwebsoft Contact Form by BestWebSoft contact-form-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by BestWebSoft: from n/a through = 4.3.6...
CVE-2025-63056 WordPress Contact Form by BestWebSoft plugin <= 4.3.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in bestwebsoft Contact Form by BestWebSoft contact-form-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by BestWebSoft: from n/a through = 4.3.6...
EUVD-2012-1032
Malware in sbrugna...
CVE-2012-10010
A vulnerability was found in BestWebSoft Contact Form 3.21. It has been classified as problematic. This affects the function cntctfrmsettingspage of the file contactform.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version...
CVE-2013-10022
A vulnerability, which was classified as problematic, has been found in BestWebSoft Contact Form Plugin 3.51 on WordPress. Affected by this issue is the function cntctfrmdisplayform/cntctfrmcheckform of the file contactform.php. The manipulation leads to cross site scripting. The attack may be...
CVE-2017-20055
A vulnerability classified as problematic has been found in BestWebSoft Contact Form Plugin 4.0.0. This affects an unknown part. The manipulation leads to basic cross site scripting Stored. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use...
CVE-2024-35678
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BestWebSoft Contact Form to DB by BestWebSoft.This issue affects Contact Form to DB by BestWebSoft: from n/a through 1.7.2...
CVE-2023-36508
CVE-2023-36508 —SQL Injection in the WordPress plugin "Contact Form to DB by BestWebSoft – Messages Database". Affected versions: from n/a through 1.7.1 (BestWebSoft). Root cause: improper neutralization of input in SQL commands, enabling unauthenticated injection under administrator context. Imp...
CVE-2012-10010
A vulnerability was found in BestWebSoft Contact Form 3.21. It has been classified as problematic. This affects the function cntctfrmsettingspage of the file contactform.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version...
Cross site request forgery (csrf)
A vulnerability was found in BestWebSoft Contact Form 3.21. It has been classified as problematic. This affects the function cntctfrmsettingspage of the file contactform.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version...
Cross site scripting
A vulnerability was found in BestWebSoft Contact Form Plugin 1.3.4 on WordPress and classified as problematic. Affected by this issue is the function bwsaddmenurender of the file bwsmenu/bwsmenu.php. The manipulation of the argument bwsmnformemail leads to cross site scripting. The attack may be...
CVE-2014-125095 BestWebSoft Contact Form Plugin bws_menu.php bws_add_menu_render cross site scripting
A vulnerability was found in BestWebSoft Contact Form Plugin 1.3.4 on WordPress and classified as problematic. Affected by this issue is the function bwsaddmenurender of the file bwsmenu/bwsmenu.php. The manipulation of the argument bwsmnformemail leads to cross site scripting. The attack may be...
WordPress Plugin BestWebSoft Contact Form 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CVE-2013-10022
A vulnerability, which was classified as problematic, has been found in BestWebSoft Contact Form Plugin 3.51 on WordPress. Affected by this issue is the function cntctfrmdisplayform/cntctfrmcheckform of the file contactform.php. The manipulation leads to cross site scripting. The attack may be...
Cross site scripting
A vulnerability, which was classified as problematic, has been found in BestWebSoft Contact Form Plugin 3.51 on WordPress. Affected by this issue is the function cntctfrmdisplayform/cntctfrmcheckform of the file contactform.php. The manipulation leads to cross site scripting. The attack may be...
WordPress plugin BestWebSoft Contact Form cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2017-20055
A vulnerability classified as problematic has been found in BestWebSoft Contact Form Plugin 4.0.0. This affects an unknown part. The manipulation leads to basic cross site scripting Stored. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use...
Cross site scripting
A vulnerability classified as problematic has been found in BestWebSoft Contact Form Plugin 4.0.0. This affects an unknown part. The manipulation leads to basic cross site scripting Stored. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use...