10 matches found
CVE-2026-25418
The CVE-2026-25418 entry describes an SQL Injection vulnerability in WordPress Bit Form bit-form (affected: Bit Form
WordPress Bit Form plugin 2.0 - 2.13.9 - Authenticated (Administrator+) SQL Injection vulnerability
WordPress Bit Form plugin 2.0 - 2.13.9 - Authenticated Administrator+ SQL Injection vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin Bit Form versions 2.0-2.13.9...
WordPress Bit Form plugin <= 2.13.10 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Minh Giang & Christopher Houk Patchstack Alliance in WordPress Plugin Bit Form versions <= 2.13.10...
WordPress Bit Form – Contact Form Plugin Plugin <= 2.13.10 is vulnerable to Arbitrary File Upload
Software: Bit Form – Contact Form Plugin | Type: Plugin | Vulnerable versions: <= 2.13.10 | Fixed in: 2.13.11 | OWASP Top 10: A3: Injection | Classification: Arbitrary File Upload | CVE: CVE-2024-47319 | Patch priority: Low | CVSS severity: Low 8 | PSID: 4ad1bd9ca230 | Credits: Certus Cybersecurity...
WordPress Bit Form – Contact Form Plugin Plugin <= 2.13.10 is vulnerable to Cross Site Scripting (XSS)
Software: Bit Form – Contact Form Plugin | Type: Plugin | Vulnerable versions: <= 2.13.10 | Fixed in: 2.13.11 | OWASP Top 10: A3: Injection | Classification: Cross Site Scripting (XSS) | CVE: CVE-2024-47301 | Patch priority: Medium | CVSS severity: Medium 7.1 | PSID: 8aad81d86091 | Credits: Manab Jyoti...
WordPress Bit Form – Contact Form Plugin Plugin 2.0 - 2.13.9 is vulnerable to Cross Site Scripting (XSS)
Software: Bit Form – Contact Form Plugin | Type: Plugin | Vulnerable versions: 2.0 - 2.13.9 | Fixed in: 2.13.10 | OWASP Top 10: A3: Injection | Classification: Cross Site Scripting (XSS) | CVE: CVE-2024-7775 | Patch priority: Low | CVSS severity: Low 5.9 | PSID: a79665250a6a | Credits: siunam | Required...
WordPress Bit Form Pro Plugin <= 2.6.4 is vulnerable to Arbitrary File Deletion
Software: Bit Form Pro | Type: Plugin | Vulnerable versions: <= 2.6.4 | Fixed in: 2.8.0 | OWASP Top 10: A1: Broken Access Control | Classification: Arbitrary File Deletion | CVE: CVE-2024-43248 | Patch priority: High | CVSS severity: High 8.6 | PSID: fe35e84633f6 | Credits: Dave Jong Patchstack | Require...
WordPress Bit Form Pro Plugin <= 2.6.4 is vulnerable to Sensitive Data Exposure
Software: Bit Form Pro | Type: Plugin | Vulnerable versions: <= 2.6.4 | Fixed in: 2.8.0 | OWASP Top 10: A1: Broken Access Control | Classification: Sensitive Data Exposure | CVE: CVE-2024-43251 | Patch priority: Medium | CVSS severity: Medium 6.5 | PSID: 6d6af3324445 | Credits: Dave Jong Patchstack...
WordPress Bit Form Pro Plugin <= 2.6.4 is vulnerable to Settings Change
Software: Bit Form Pro | Type: Plugin | Vulnerable versions: <= 2.6.4 | Fixed in: 2.8.0 | OWASP Top 10: A1: Broken Access Control | Classification: Settings Change | CVE: CVE-2024-43250 | Patch priority: Medium | CVSS severity: Medium 7.1 | PSID: 786f4284258a | Credits: Dave Jong Patchstack | Required...
WordPress Bit Form – Contact Form Plugin Plugin <= 2.10.1 is vulnerable to Insecure Direct Object References (IDOR)
Software: Bit Form – Contact Form Plugin | Type: Plugin | Vulnerable versions: <= 2.10.1 | Fixed in: 2.10.2 | OWASP Top 10: A4: Insecure Design | Classification: Insecure Direct Object References (IDOR) | CVE: CVE-2024-1640 | Patch priority: Low | CVSS severity: Low 5.3 | PSID: 608867152d52 | Credits...