3 matches found
Supsystic Contact Form Wordpress Plugin SSTI RCE
This module performs SSTI achieving RCE in webpages containing the Contact Form Wordpress plugin by Supsystic in versions 1.7.36 and before. Module Options msf use exploit/multi/http/wppluginsupsysticcontactformrce msf exploitwppluginsupsysticcontactformrce show targets ...targets... msf...
📄 WordPress Supsystic Contact Form 1.7.36 Server-Side Template Injection
Proof of concept code execution exploit for a server-side template injection vulnerability in WordPress Supsystic Contact Form plugin versions 1.7.36 and below Exploit Title: WordPress Plugin Supsystic Contact Form 1.7.36 - SSTI Date: 3/30/2026 Exploit Author: bootstrapbool Vendor Homepage:...
WordPress Contact Form by Supsystic plugin <= 1.7.36 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by 63n0 in WordPress Plugin Contact Form by Supsystic versions = 1.7.36...