CVE-2026-40764

Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through = 1.10.0.2...

CVE-2026-32446

Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by WPForms: from n/a through = 1.9.9.3...

EUVD-2026-15649

Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Retrieve Embedded Sensitive Data.This issue affects Contact Form by WPForms: from n/a through = 1.9.8.7...

CVE-2026-25339

Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Retrieve Embedded Sensitive Data.This issue affects Contact Form by WPForms: from n/a through = 1.9.8.7...

EUVD-2026-11991

Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by WPForms: from n/a through = 1.9.9.3...

CVE-2026-32446

Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by WPForms: from n/a through = 1.9.9.3...

CVE-2024-56276

Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by WPForms: from n/a through = 1.9.2.2...

CVE-2024-56276

Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by WPForms: from n/a through = 1.9.2.2...

WordPress Contact Form by WPForms plugin <= 1.8.7.2 - Unauthenticated Price Manipulation vulnerability

Unauthenticated Price Manipulation vulnerability discovered by Asaf Mozes in WordPress Plugin Contact Form by WPForms versions = 1.8.7.2...

WordPress WPForms Contact Form Plugin < 1.5.9 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.113660";...

Cross site scripting

A stored cross-site scripting XSS vulnerability exists in the WPForms Contact Form aka wpforms-lite plugin before 1.5.9 for WordPress...

CVE-2020-10385

A stored cross-site scripting XSS vulnerability exists in the WPForms Contact Form aka wpforms-lite plugin before 1.5.9 for WordPress...

PT-2020-12055 · Wpforms · Wpforms Contact Form

Name of the Vulnerable Software and Affected Versions: WPForms Contact Form plugin versions prior to 1.5.9 Description: A stored cross-site scripting XSS issue exists in the WPForms Contact Form plugin for WordPress. This allows for malicious scripts to be stored and executed on the site...