227 matches found

ATTACKERKB
added 2025/03/27 11:15 a.m. | 2 views

CVE-2025-30885

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Bit Apps Bit Form bit-form allows Phishing. This issue affects Bit Form: from n/a through <= 2.18.0...

CVSS 4.7 | AI score 7.2 | EPSS 0.00285
Exploits 0 | References 3
NVD
added 2025/03/27 11:15 a.m. | 4 views

CVE-2025-30885

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Bit Apps Bit Form bit-form allows Phishing. This issue affects Bit Form: from n/a through <= 2.18.0...

CVSS 4.7 | EPSS 0.00285
Exploits 0 | References 1
Patchstack
added 2025/03/27 11:12 a.m. | 4 views

WordPress Bit Form plugin <= 2.18.0 - Open Redirection vulnerability

Open Redirection vulnerability discovered by Le Ngoc Anh in WordPress Plugin Bit Form versions <= 2.18.0...

CVSS 4.7 | AI score 7 | EPSS 0.00285
Exploits 0 | Affected Software 1
Vulnrichment
added 2025/03/27 10:55 a.m. | 5 views

CVE-2025-30885 WordPress Bit Form plugin <= 2.18.0 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Bit Apps Bit Form bit-form allows Phishing. This issue affects Bit Form: from n/a through <= 2.18.0...

CVSS 4.7 | AI score 7.3 | EPSS 0.00285
Exploits 0 | References 1
Cvelist
added 2025/03/27 10:55 a.m. | 13 views

CVE-2025-30885 WordPress Bit Form plugin <= 2.18.0 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Bit Apps Bit Form bit-form allows Phishing. This issue affects Bit Form: from n/a through <= 2.18.0...

CVSS 4.7 | EPSS 0.00285
Exploits 0 | References 1
CVE
added 2025/03/27 10:55 a.m. | 60 views

CVE-2025-30885

CVE-2025-30885 is an Open Redirect vulnerability in Bit Form – Contact Form Plugin for WordPress. The WordPress plugin Bit Form <= 2.18.0 is affected, enabling phishing via malicious redirects. The issue is tracked in CVE-2025-30885 and is listed as patched for Bit Form

CVSS 4.7 | AI score 7.2 | EPSS 0.00285
Exploits 0 | References 1
CNNVD
added 2025/03/27 12:0 a.m. | 3 views

WordPress plugin Bit Form – Contact Form Plugin input validation error vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An input validation error...

CVSS 4.7 | AI score 8.5 | EPSS 0.00285
Exploits 0 | References 2
RedhatCVE
added 2025/02/05 12:49 p.m. | 10 views

CVE-2024-43248

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Bit Apps Bit Form Pro allows File Manipulation. This issue affects Bit Form Pro: from n/a through 2.6.4...

CVSS 9.1 | AI score 6.7 | EPSS 0.00249
Exploits 0
RedhatCVE
added 2025/02/05 12:41 p.m. | 13 views

CVE-2024-43249

Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows Command Injection. This issue affects Bit Form Pro: from n/a through 2.6.4...

CVSS 9.9 | AI score 6.9 | EPSS 0.01879
Exploits 0
RedhatCVE
added 2025/02/05 12:38 p.m. | 11 views

CVE-2024-43250

Incorrect Authorization vulnerability in Bit Apps Bit Form Pro bitformpro allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Bit Form Pro: from n/a through 2.6.4...

CVSS 7.1 | AI score 6.8 | EPSS 0.00126
Exploits 0 | References 1
RedhatCVE
added 2025/02/05 11:45 a.m. | 9 views

CVE-2024-7780

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to generic SQL Injection via the id parameter in versions 2.0 to 2.13.9 due to insufficient escaping on the user-supplied parameter and la...

CVSS 7.2 | AI score 7.2 | EPSS 0.00677
Exploits 0 | References 1
RedhatCVE
added 2025/02/05 11:37 a.m. | 7 views

CVE-2024-7777

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation in multiple functions in versions 2.0 to 2.13.9. This makes i...

CVSS 9 | AI score 7.5 | EPSS 0.04032
Exploits 0 | References 1
RedhatCVE
added 2025/02/05 11:35 a.m. | 18 views

CVE-2024-7702

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to generic SQL Injection via the entryID parameter in versions 2.0 to 2.13.9 due to insufficient escaping on the user-supplied parameter a...

CVSS 7.2 | AI score 7.2 | EPSS 0.00694
Exploits 0 | References 1
RedhatCVE
added 2025/02/05 11:34 a.m. | 17 views

CVE-2024-7782

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the iconRemove function in versions 2.0 to 2.13.4. This makes it...

CVSS 8.7 | AI score 7.6 | EPSS 0.10105
Exploits 0 | References 1
RedhatCVE
added 2025/02/05 8:35 a.m. | 2 views

CVE-2024-47301

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bit Apps Bit Form bit-form allows Stored XSS. This issue affects Bit Form: from n/a through <= 2.13.10...

CVSS 7.1 | AI score 5.9 | EPSS 0.00268
Exploits 0 | References 1
RedhatCVE
added 2025/02/05 8:25 a.m. | 3 views

CVE-2024-47335

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Bit Apps Bit Form bit-form allows SQL Injection. This issue affects Bit Form: from n/a through <= 2.13.11...

CVSS 7.6 | AI score 5.9 | EPSS 0.00575
Exploits 0 | References 1
RedhatCVE
added 2025/02/05 8:15 a.m. | 4 views

CVE-2024-47319

Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form bit-form. This issue affects Bit Form: from n/a through <= 2.13.10...

CVSS 8 | AI score 5.9 | EPSS 0.00586
Exploits 0 | References 1
RedhatCVE
added 2025/02/05 2:53 a.m. | 11 views

CVE-2024-6123

The Bit Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'iconUpload' function in all versions up to, and including, 2.13.3. This makes it possible for authenticated attackers, with administrator-level and above permissions, to upload...

CVSS 7.2 | AI score 7.7 | EPSS 0.13592
Exploits 0 | References 1
Patchstack
added 2025/01/27 10:36 p.m. | 4 views

WordPress Bit Form – Contact Form plugin <= 2.17.4 - Authenticated (Administrator+) Server-Side Request Forgery vulnerability

Authenticated Administrator+ Server-Side Request Forgery vulnerability discovered by Francesco Carlucci in WordPress Plugin Bit Form versions <= 2.17.4...

CVSS 6.5 | AI score 7.1 | EPSS 0.00342
Exploits 0 | References 1 | Affected Software 1
Vulnrichment
added 2025/01/25 8:23 a.m. | 7 views

CVE-2024-13450 Contact Form by Bit Form <= 2.17.4 - Authenticated (Administrator+) Server-Side Request Forgery

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.17.4 via the Webhooks integration. This makes it possible for...

CVSS 3.8 | AI score 5.4 | EPSS 0.00342
Exploits 0 | References 7