| CVE-2024-4704 | Contact Form 7 < 5.9.5 - Unauthenticated Open Redirect | Unknown | Contact Form 7 | - | - | 2024-06-27 06:00:04 | Deep Dive |
| CVE-2024-6297 | Several WordPress.org Plugins <= Various Versions - Injected Backdoor | warfareplugins | Social Sharing Plugin – Social Warfare | Critical | 10.0 | 2024-06-25 03:30:38 | Deep Dive |
| CVE-2024-4266 | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 3.8.8 - Unauthenticated Sensitive Information Exposure | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 5.3 | 2024-06-11 07:32:26 | Deep Dive |
| CVE-2024-3723 | Advanced Contact form 7 DB <= 2.0.2 - Sensitive Information Exposure | vsourz1td | Advanced Contact form 7 DB | Medium | 5.3 | 2024-06-11 05:33:41 | Deep Dive |
| CVE-2024-4319 | Advanced Contact form 7 DB <= 2.0.2 - Missing Authorization to Unauthenticated Information Disclosure | vsourz1td | Advanced Contact form 7 DB | Medium | 5.3 | 2024-06-11 05:33:40 | Deep Dive |
| CVE-2024-35747 | WordPress Contact Form Builder, Contact Widget plugin <= 2.1.7 - Bypass Vulnerability vulnerability | wpdevart | Contact Form Builder, Contact Widget | Medium | 5.3 | 2024-06-10 16:37:17 | Deep Dive |
| CVE-2024-35678 | WordPress Contact Form to DB by BestWebSoft plugin <= 1.7.2 - SQL Injection vulnerability | BestWebSoft | Contact Form to DB by BestWebSoft | High | 8.5 | 2024-06-08 15:57:33 | Deep Dive |
| CVE-2023-5424 | WS Form LITE <= 1.9.217 - Unauthenticated CSV Injection | westguard | WS Form LITE – Drag & Drop Contact Form Builder | Medium | 4.7 | 2024-06-07 09:33:36 | Deep Dive |
| CVE-2023-48318 | WordPress Contact Form Email plugin <= 1.3.41 - Captcha Bypass vulnerability | CodePeople | Contact Form Email | Medium | 5.3 | 2024-06-04 10:26:33 | Deep Dive |
| CVE-2023-45009 | WordPress Captcha for Contact Form 7 plugin <= 1.11.3 - Capcha Bypass vulnerability | Forge12 Interactive GmbH | Captcha/Honeypot for Contact Form 7 | Medium | 5.3 | 2024-06-04 09:06:10 | Deep Dive |
| CVE-2023-28494 | WordPress Contact Form Email plugin <= 1.3.31 - Missing Authorization Leading To Feedback Submission Vulnerability | CodePeople | Contact Form Email | Medium | 4.3 | 2024-06-04 07:06:02 | Deep Dive |
| CVE-2024-4870 | Frontend Registration – Contact Form 7 <= 5.1 - Authenticated (Editor+) Privilege Escalation | pokornydavid | Frontend Registration – Contact Form 7 | High | 7.2 | 2024-06-04 02:00:55 | Deep Dive |
| CVE-2023-27460 | WordPress CP Contact Form with PayPal plugin <= 1.3.34 - Missing Authorization Leading To Feedback Submission vulnerability | CodePeople, paypaldev | CP Contact Form with Paypal | Medium | 4.3 | 2024-06-03 22:01:44 | Deep Dive |
| CVE-2024-35632 | WordPress Integration for Constant Contact and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability | CRM Perks. | Integration for Contact Form 7 and Constant Contact | Medium | 4.3 | 2024-06-03 11:49:26 | Deep Dive |
| CVE-2024-34754 | WordPress Contact Form Widget plugin <= 1.3.9 - Sensitive Data Exposure vulnerability | A WP Life | Contact Form Widget | Medium | 5.3 | 2024-06-03 10:23:59 | Deep Dive |
| CVE-2024-2295 | Contact Form Manager <= 1.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | f1logic | Contact Form Manager | Medium | 6.4 | 2024-06-01 07:35:56 | Deep Dive |
| CVE-2024-4261 | Responsive Contact Form Builder & Lead Generation Plugin <= 1.9.1 - Authenticated (Subscriber+) Arbitrary Shortcode Execution | themehunk | Lead Form Builder & Contact Form | Medium | 5.4 | 2024-05-22 12:44:36 | Deep Dive |
| CVE-2024-4157 | Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.15 - PHP Object Injection via extractDynamicValues | techjewel | Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder | High | 7.5 | 2024-05-22 07:37:24 | Deep Dive |
| CVE-2024-4709 | Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Authenticated (Contributor+) Stored Cross-Site Scripting | techjewel | Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder | Medium | 6.4 | 2024-05-18 07:38:35 | Deep Dive |
| CVE-2024-2772 | Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.13 - Authenticated (Subscriber+) Stored Cross-Site Scripting | techjewel | Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder | Medium | 6.4 | 2024-05-18 07:38:33 | Deep Dive |