Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:1 p.m.6 views

CVE-2026-1454

The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 via form field submissions. This is due to insufficient input sanitization in the lfbleadsanitize function which omits certain...

7.2CVSS6AI score0.00241EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/11 8:24 a.m.8 views

CVE-2026-1454

The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1 via form field submissions. This is due to insufficient input sanitization in the lfbleadsanitize function which omits certain...

7.2CVSS5.9AI score0.00241EPSS
Exploits0References5
NVD
NVD
added 2024/05/03 6:15 a.m.29 views

CVE-2024-3637

The Responsive Contact Form Builder & Lead Generation Plugin WordPress plugin through 1.8.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

6.1CVSS5.4AI score0.00472EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/05/03 6:0 a.m.38 views

CVE-2024-3637 Responsive Contact Form Builder & Lead Generation Plugin <= 1.8.9 - Admin+ Stored XSS

The Responsive Contact Form Builder & Lead Generation Plugin WordPress plugin through 1.8.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5.5AI score0.00472EPSS
Exploits2References1
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.6 views

PT-2024-18026 · WordPress · Responsive Contact Form Builder & Lead Generation Plugin

Name of the Vulnerable Software and Affected Versions: The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress versions prior to 1.8.9 Description: The issue allows unauthorized access to functionality due to a missing capability check on several functions. This makes it...

4.3CVSS6.9AI score0.00272EPSS
Exploits0References7
Rows per page
Query Builder