EUVD-2026-10483

The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form entry fields in all versions up to, and including, 2.0.5. This is due to insufficient input sanitization and output escaping on form submission data displayed in the admin Form...

CVE-2026-25320

Missing Authorization vulnerability in Cool Plugins Elementor Contact Form DB sb-elementor-contact-form-db allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Contact Form DB: from n/a through = 2.1.3...

WordPress plugin Elementor Contact Form DB 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

CVE-2023-0721

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to CSV injection in versions up to, and including, 3.3.0. This allows unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and...

CVE-2025-47644

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in formsintegrations Integrations of Zoho CRM with Elementor form integrations-of-zoho-crm-with-elementor-form allows Phishing.This issue affects Integrations of Zoho CRM with Elementor form: from n/a through = 1.0.8...

WordPress Integrations of Zoho CRM with Elementor form plugin <= 1.0.8 - Open Redirection Vulnerability

Open Redirection Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Integrations of Zoho CRM with Elementor form versions = 1.0.8...

CVE-2025-47644 WordPress Integrations of Zoho CRM with Elementor form plugin <= 1.0.8 - Open Redirection Vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in formsintegrations Integrations of Zoho CRM with Elementor form integrations-of-zoho-crm-with-elementor-form allows Phishing.This issue affects Integrations of Zoho CRM with Elementor form: from n/a through = 1.0.8...

CVE-2025-47644 WordPress Integrations of Zoho CRM with Elementor form plugin <= 1.0.8 - Open Redirection Vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in formsintegrations Integrations of Zoho CRM with Elementor form integrations-of-zoho-crm-with-elementor-form allows Phishing.This issue affects Integrations of Zoho CRM with Elementor form: from n/a through = 1.0.8...

CVE-2025-47644

CVE-2025-47644: Open Redirect in WordPress plugin Integrations of Zoho CRM with Elementor form (versions &lt;= 1.0.7; Patchstack references

WordPress plugin Integrations of Zoho CRM with Elementor form 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. An input validation error vulnerability exists in...

PT-2025-20203 · Elementor +1 · Elementor +1

Name of the Vulnerable Software and Affected Versions: Zoho CRM with Elementor form versions 1.0.0 through 1.0.7 Description: The issue is related to a URL Redirection to Untrusted Site 'Open Redirect' vulnerability in the formsintegrations Integrations of Zoho CRM with Elementor form, which allo...

WordPress Metform Elementor Contact Form Builder plugin <= 3.9.7 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Marek Mikita in WordPress Plugin Metform versions = 3.9.2...

CVE-2023-0710

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'fname' attribute of the 'mfthankyou' shortcode to echo unescaped form submissions in versions up to, and including, 3.3.0. This allows authenticated attackers, with contributor-level...

CVE-2023-0693

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mftransactionid' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about the...

CVE-2023-0691

The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mflastname' shortcode in versions up to, and including, 3.3.1. This allows authenticated attackers, with subscriber-level capabilities or above to obtain sensitive information about arbitrary...

PT-2023-17275 · WordPress · Metform Elementor Contact Form Builder

Name of the Vulnerable Software and Affected Versions: Metform Elementor Contact Form Builder plugin for WordPress versions up to, and including, 3.3.0 Description: The issue allows unauthorized updates to the permalink structure due to a missing capability check on the permalink setup function...

WordPress plugin Metform Elementor Contact Form Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2023-0085

The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to reCaptcha Bypass in versions up to, and including, 3.2.1. This is due to insufficient server side checking on the captcha value submitted during a form submission. This makes it possible for unauthenticated attackers...

WordPress Plugin Metform Elementor Contact Form Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Metform Elementor Contact...