| CVE-2024-10683 | Contact Form 7 - PayPal & Stripe Add-on <= 2.3.1 - Reflected Cross-Site Scripting | scottpaterson | Contact Form 7 – PayPal & Stripe Add-on | Medium | 6.1 | 2024-11-09 06:41:25 | Deep Dive |
| CVE-2024-10647 | WS Form LITE – Drag & Drop Contact Form Builder for WordPress <= 1.9.244 - Reflected Cross-Site Scripting via URL | westguard | WS Form LITE – Drag & Drop Contact Form Builder | Medium | 6.1 | 2024-11-06 02:01:57 | Deep Dive |
| CVE-2024-10084 | Contact Form 7 – Dynamic Text Extension <= 4.5 - Information Disclosure via Shortcode | sevenspark | Contact Form 7 – Dynamic Text Extension | Medium | 4.3 | 2024-11-05 21:29:18 | Deep Dive |
| CVE-2024-50523 | WordPress All Post Contact Form plugin <= 1.8.2 - Arbitrary File Upload vulnerability | RainbowLink Inc. | All Post Contact Form | Critical | 10.0 | 2024-11-04 13:46:00 | Deep Dive |
| CVE-2024-44019 | WordPress Contact Form 7 Campaign Monitor Extension plugin <= 0.4.67 - Arbitrary File Deletion vulnerability | Renzo Johnson | Contact Form 7 Campaign Monitor Extension | Medium | 5.3 | 2024-11-01 14:17:10 | Deep Dive |
| CVE-2024-9700 | Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.36.0 - Insecure Direct Object Reference to Submission Manipulation | wpmudev | Forminator Forms – Contact Form, Payment Form & Custom Form Builder | Medium | 5.3 | 2024-10-31 05:31:24 | Deep Dive |
| CVE-2024-50412 | WordPress Conditional Fields for Contact Form 7 plugin <= 2.4.15 - Cross Site Scripting (XSS) vulnerability | Jules Colle | Conditional Fields for Contact Form 7 | Medium | 5.9 | 2024-10-29 08:48:38 | Deep Dive |
| CVE-2024-9629 | Contact Form 7 + Telegram <= 0.8.5 - Missing Authorization to Authenticated (Subscriber+) Subscription Approve/Pause/Refuse | hokku | Message Bridge for Contact Form 7 and Telegram | Medium | 5.4 | 2024-10-28 17:31:55 | Deep Dive |
| CVE-2024-10402 | Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.35.1 - Missing Authorization to Authenticated (Contributor+) Form Update and Creation | wpmudev | Forminator Forms – Contact Form, Payment Form & Custom Form Builder | High | 7.5 | 2024-10-26 11:38:03 | Deep Dive |
| CVE-2024-10180 | Contact Form 7 - Repeatable Fields <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via field_group Shortcode | felipeelia | Contact Form 7 – Repeatable Fields | Medium | 6.4 | 2024-10-24 12:32:58 | Deep Dive |
| CVE-2024-49612 | WordPress SW Contact Form plugin <= 1.0 - SQL Injection vulnerability | Sanjeev | SW Contact Form | High | 8.5 | 2024-10-20 10:01:21 | Deep Dive |
| CVE-2024-48021 | WordPress Contact Form 7 – PayPal & Stripe Add-on plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability | Scott Paterson | Contact Form 7 – PayPal & Stripe Add-on | High | 7.1 | 2024-10-17 12:29:15 | Deep Dive |
| CVE-2024-48046 | WordPress Contact Form by Supsystic plugin <= 1.7.28 - Cross Site Scripting (XSS) vulnerability | supsystic | Contact Form by Supsystic | Medium | 5.9 | 2024-10-17 12:19:09 | Deep Dive |
| CVE-2024-48037 | WordPress Contact Form Widget plugin <= 1.4.2 - CSRF vulnerability | A WP Life | Contact Form Widget | Medium | 5.4 | 2024-10-17 12:14:36 | Deep Dive |
| CVE-2024-9351 | Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.35.1 - Cross-Site Request Forgery to Draft Quiz Creation | wpmudev | Forminator Forms – Contact Form, Payment Form & Custom Form Builder | Medium | 4.3 | 2024-10-17 05:33:09 | Deep Dive |
| CVE-2024-9352 | Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.35.1 - Cross-Site Request Forgery to Draft Custom Form Creation | wpmudev | Forminator Forms – Contact Form, Payment Form & Custom Form Builder | Medium | 4.3 | 2024-10-17 05:33:09 | Deep Dive |
| CVE-2024-48042 | WordPress Contact Form by Supsystic plugin <= 1.7.28 - Remote Code Execution (RCE) vulnerability | supsystic | Contact Form by Supsystic | Critical | 9.1 | 2024-10-16 12:58:38 | Deep Dive |
| CVE-2017-20194 | Formidable Form Builder < 2.05.03 - Unauthenticated Information Disclosure | strategy11team | Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder | Medium | 5.3 | 2024-10-16 07:31:53 | Deep Dive |
| CVE-2017-20192 | Formidable Form Builder < 2.05.03 - Unauthenticated Stored Cross-Site Scripting | strategy11team | Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder | High | 8.3 | 2024-10-16 06:43:36 | Deep Dive |
| CVE-2022-4974 | Freemius SDK <= 2.4.2 - Missing Authorization Checks | dashlabsltd | YASR – Yet Another Star Rating Plugin for WordPress | Medium | 6.3 | 2024-10-16 06:43:30 | Deep Dive |