Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2025/03/07 12:0 a.m.297 views

WordPress Custom Contact Form 5.1.0.3 CSRF / SQL Injection

WordPress Custom Contact Form plugin version 5.1.0.3 suffers from cross site request forgery and remote SQL injection vulnerabilities. ============================================================================================================================================= | Title : WordPress...

8.4AI score
Exploits0
CVE
CVE
added 2024/10/11 7:37 a.m.51 views

CVE-2024-9507

CVE-2024-9507 concerns the WordPress plugin Bit Form (Contact Form by Bit Form) up to version 2.15.2. The issue arises from improper input validation in the iconUpload function, enabling authenticated attackers with Administrator-level access and above to perform a PHP filter chain attack and rea...

4.9CVSS5.3AI score0.00519EPSS
Exploits0References5
NVD
NVD
added 2024/08/20 4:15 a.m.27 views

CVE-2024-7775

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary JavaScript file uploads due to missing input validation in the addCustomCode function in versions 2.0 to 2.13.9. This makes i...

5.5CVSS0.00243EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/20 3:21 a.m.32 views

CVE-2024-7777 Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder 2.0 - 2.13.9 - Authenticated (Administrator+) Arbitrary File Read And Deletion

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation in multiple functions in versions 2.0 to 2.13.9. This makes i...

9CVSS0.01025EPSS
Exploits0References5
Rows per page
Query Builder