WordPress Database for Contact Form 7, WPforms, Elementor forms plugin <= 1.4.5 - Missing Authorization to Unauthenticated Form Data Exfiltration via CSV Export vulnerability

Missing Authorization to Unauthenticated Form Data Exfiltration via CSV Export vulnerability discovered by Teerachai Somprasong in WordPress Plugin Contact Form Entries versions = 1.4.5...

WordPress Contact Form Entries plugin <= 1.3.8 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Tim Coen in WordPress Plugin Contact Form Entries versions = 1.3.8...

WordPress plugin Contact Form Entries Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in the WordPress plugin...

CVE-2022-3604

The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in a CSV file, which could lead to CSV injection...

WordPress plugin Contact Form Entries Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

PT-2024-11597 · WordPress · Contact Form Entries

Name of the Vulnerable Software and Affected Versions: Contact Form Entries WordPress plugin versions prior to 1.3.0 Description: The issue concerns the Contact Form Entries WordPress plugin, which does not validate data when outputting it in a CSV file. This lack of validation could lead to CSV...