97 matches found
EUVD-2021-34788
Contact Form to Email 1.3.24 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by creating forms with script tags in the form name field. Attackers can craft form names containing JavaScript code that executes when other logged-in...
CVE-2021-47926
Contact Form to Email 1.3.24 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by creating forms with script tags in the form name field. Attackers can craft form names containing JavaScript code that executes when other logged-in...
CVE-2026-32483
Missing Authorization vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through = 1.3.63...
CVE-2026-32483
Missing Authorization vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through = 1.3.63...
CVE-2026-32483
Missing Authorization vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through = 1.3.63...
CVE-2026-32483 WordPress Contact Form Email plugin <= 1.3.63 - Broken Access Control vulnerability
Missing Authorization vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through = 1.3.63...
CVE-2026-32483 WordPress Contact Form Email plugin <= 1.3.63 - Broken Access Control vulnerability
Missing Authorization vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through = 1.3.63...
CVE-2026-32483
The CVE-2026-32483 entry concerns the WordPress plugin WordPress Contact Form Email (plugin) versions up to 1.3.63. It describes a Missing Authorization vulnerability caused by incorrectly configured access control security levels in codepeople Contact Form Email. The impact is described as high ...
PT-2026-27999
Name of the Vulnerable Software and Affected Versions codepeople Contact Form Email versions n/a through 1.3.63 Description An authorization issue exists in codepeople Contact Form Email. The issue involves exploiting incorrectly configured access control security levels. Recommendations Update t...
WordPress plugin Contact Form Email 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress Contact Form Email plugin <= 1.3.63 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by huli07 in WordPress Plugin Contact Form Email versions = 1.3.63...
CVE-2025-10019
Authorization Bypass Through User-Controlled Key vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through = 1.3.60...
EUVD-2025-204247
Authorization Bypass Through User-Controlled Key vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through = 1.3.60...
CVE-2025-10019
Authorization Bypass Through User-Controlled Key vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through = 1.3.60...
CVE-2025-10019 WordPress Contact Form Email plugin <= 1.3.60 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through = 1.3.60...
CVE-2025-10019 WordPress Contact Form Email plugin <= 1.3.60 - Insecure Direct Object References (IDOR) vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in codepeople Contact Form Email contact-form-to-email allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form Email: from n/a through = 1.3.60...
WordPress plugin Contact Form Email 安全漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPre...
PT-2025-51996
Name of the Vulnerable Software and Affected Versions codepeople Contact Form Email versions through 1.3.60 Description An authorization bypass exists in codepeople Contact Form Email due to incorrectly configured access control security levels. This allows exploitation through a user-controlled...
WordPress Contact Form Email plugin <= 1.3.60 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Rooting in WordPress Plugin Contact Form Email versions = 1.3.60...
WordPress Contact Form Email plugin missing authorization vulnerability
WordPress Contact Form Email plugin is a powerful contact form tool that is mainly used to create contact forms and email the submitted data to a specified address, while supporting data storage, report generation and export features. A lack of authorization vulnerability exists in the WordPress...