Contact Form Builder@* Security Vulnerabilities and Issues — Contact Form Builder@* CVE List

Lucene search

BitappsContact Form Builder*

8 matches found

CVE•added 2024/08/20 4:15 a.m.•42 views

CVE-2024-7702

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to generic SQL Injection via the entryID parameter in versions 2.0 to 2.13.9 due to insufficient escaping on the user-supplied parameter and...

7.2CVSS7AI score0.0043EPSS

CVE•added 2024/08/20 4:15 a.m.•42 views

CVE-2024-7775

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary JavaScript file uploads due to missing input validation in the addCustomCode function in versions 2.0 to 2.13.9. This makes it ...

5.5CVSS5.5AI score0.00071EPSS

CVE•added 2024/08/20 4:15 a.m.•41 views

CVE-2024-7777

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation in multiple functions in versions 2.0 to 2.13.9. This makes it ...

9CVSS9.2AI score0.03105EPSS

CVE•added 2024/08/20 4:15 a.m.•41 views

CVE-2024-7780

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to generic SQL Injection via the id parameter in versions 2.0 to 2.13.9 due to insufficient escaping on the user-supplied parameter and lack...

7.2CVSS7AI score0.00439EPSS

CVE•added 2025/01/25 9:15 a.m.•40 views

CVE-2024-13450

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.17.4 via the Webhooks integration. This makes it possible for authent...

6.5CVSS4.1AI score0.00178EPSS

CVE•added 2024/08/20 4:15 a.m.•40 views

CVE-2024-7782

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the iconRemove function in versions 2.0 to 2.13.4. This makes it poss...

8.7CVSS8.8AI score0.0391EPSS

CVE•added 2023/08/14 8:15 p.m.•37 views

CVE-2023-3645

The Contact Form Builder by Bit Form WordPress plugin before 2.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite ...

4.8CVSS4.9AI score0.00084EPSS

CVE•added 2024/03/13 4:15 p.m.•33 views

CVE-2024-1640

The Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form plugin for WordPress is vulnerable to unauthorized modification of data due to a insufficient user validation on the bitforms_update_form_entry AJAX action in all versions up to, and inclu...

5.3CVSS6AI score0.00398EPSS