CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

175 matches found

CNNVD•added 2026/04/24 12:0 a.m.•3 views

WordPress plugin Booking Calendar Contact Form 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

5.3CVSS5.8AI score0.00018EPSS

Exploits0References1

Cvelist•added 2026/04/15 10:21 a.m.•24 views

CVE-2026-40764 WordPress Contact Form by WPForms plugin <= 1.10.0.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through = 1.10.0.2...

8.1CVSS0.00018EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 3:17 p.m.•2 views

CVE-2026-32446

Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by WPForms: from n/a through = 1.9.9.3...

4.3CVSS5.8AI score0.00037EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:15 p.m.•21 views

CVE-2026-32532 WordPress Contact Form & Lead Form Elementor Builder plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeHunk Contact Form & Lead Form Elementor Builder lead-form-builder allows Stored XSS.This issue affects Contact Form & Lead Form Elementor Builder: from n/a through = 2.0.1...

7.1CVSS0.00045EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•17 views

CVE-2026-25339 WordPress Contact Form by WPForms plugin <= 1.9.8.7 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Retrieve Embedded Sensitive Data.This issue affects Contact Form by WPForms: from n/a through = 1.9.8.7...

5.8AI score0.00042EPSS

Exploits0References1

CNNVD•added 2026/03/25 12:0 a.m.•2 views

WordPress plugin Contact Form by WPForms 安全漏洞

6.5CVSS5.8AI score0.00042EPSS

Exploits0References1

CNNVD•added 2026/03/13 12:0 a.m.•4 views

WordPress plugin CP Contact Form with Paypal SQL注入漏洞

8.5CVSS5.8AI score0.00044EPSS

Exploits0References1

EUVD•added 2026/03/11 9:31 a.m.•3 views

EUVD-2026-11125

The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 via form field submissions. This is due to insufficient input sanitization in the lfbleadsanitize function which omits certain...

7.2CVSS5.9AI score0.0013EPSS

Exploits0References5

RedhatCVE•added 2026/01/09 11:12 a.m.•2 views

CVE-2016-10869

The contact-form-plugin plugin before 4.0.2 for WordPress has XSS...

6.1CVSS6.9AI score0.0019EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:33 a.m.•4 views

CVE-2017-18491

The contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues...

6.1CVSS6.2AI score0.00104EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:53 a.m.•6 views

CVE-2013-7481

The contact-form-plugin plugin before 3.3.5 for WordPress has XSS...

6.1CVSS7.1AI score0.0019EPSS

Exploits0References1

Positive Technologies•added 2026/01/07 12:0 a.m.•3 views

PT-2026-1572

Name of the Vulnerable Software and Affected Versions Bit Form – Contact Form Plugin versions prior to 2.21.7 Description The Bit Form – Contact Form Plugin for WordPress has a flaw allowing unauthorized workflow execution. The triggerWorkFlow function lacks proper authorization, specifically in...

6.5CVSS6.7AI score0.00286EPSS

Exploits0References6

CNNVD•added 2025/12/09 12:0 a.m.•1 views

WordPress plugin Contact Form by BestWebSoft 安全漏洞

...

4.3CVSS5.8AI score0.00012EPSS

Exploits0References1

CNVD•added 2025/11/25 12:0 a.m.•1 views

WordPress Booking Calendar Contact Form Plugin Missing Authorization Vulnerability

WordPress Booking Calendar Contact Form Plugin is a tool for creating contact forms with booking calendar functionality, supporting date selection, price configuration, PayPal payment integration, etc. for hotel and event booking scenarios. The WordPress Booking Calendar Contact Form Plugin suffe...

5.3CVSS6.5AI score0.00161EPSS

Exploits0References1

CVE•added 2025/11/22 7:29 a.m.•16 views

CVE-2025-13384

The WordPress plugin CP Contact Form with PayPal (

7.5CVSS5.9AI score0.00191EPSS

Exploits0References5

CNVD•added 2025/10/24 12:0 a.m.•2 views

WordPress CF7 Auto Responder Addon plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress CF7 Auto Responder Addon plugin, which stems from the application's lack of effective filtering and escaping of...

7.1CVSS6AI score0.0003EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2015-1980

Malware in sbrugna...

6.8CVSS6.4AI score0.00189EPSS

Exploits2References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-3261

Malware in sbrugna...

8.8CVSS8.5AI score0.00199EPSS

Exploits1References5