| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-1801 | Very Simple Contact Form < 11.6 - Captcha bypass | Unknown | Very Simple Contact Form | 高危 | - | 2022-06-20 10:25:59 | Deep Dive |
| CVE-2021-36827 | WordPress Ninja Forms Contact Form plugin <= 3.6.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | Saturday Drive | Ninja Forms Contact Form (WordPress plugin) | Medium | 4.8 | 2022-06-16 17:11:17 | Deep Dive |
| CVE-2017-20055 | BestWebSoft Contact Form Plugin Stored cross site scriting | BestWebSoft | Contact Form Plugin | Low | 3.5 | 2022-06-16 12:20:22 | Deep Dive |
| CVE-2017-20054 | XYZScripts Contact Form Manager Plugin cross site scriting | XYZScripts | Contact Form Manager Plugin | Low | 3.5 | 2022-06-16 12:20:21 | Deep Dive |
| CVE-2017-20053 | XYZScripts Contact Form Manager Plugin cross-site request forgery | XYZScripts | Contact Form Manager Plugin | Medium | 4.3 | 2022-06-16 12:20:19 | Deep Dive |
| CVE-2022-1647 | FormCraft Basic < 1.2.6 - Admin+ Stored Cross Site Scripting | Unknown | FormCraft – Contact Form Builder for WordPress | 中危 | - | 2022-06-06 08:51:13 | Deep Dive |
| CVE-2022-1564 | Form Maker By 10Web < 1.14.12 - Admin+ Stored Cross-Site Scripting | Unknown | Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder | 中危 | - | 2022-05-30 08:35:57 | Deep Dive |
| CVE-2022-29408 | WordPress Advanced Contact form 7 DB plugin <= 1.8.7 - Unauthenticated Persistent Cross-Site Scripting (XSS) vulnerability | Vsourz Digital | Advanced Contact form 7 DB (WordPress plugin) | Medium | 4.7 | 2022-05-25 15:58:26 | Deep Dive |
| CVE-2022-1442 | Metform Elementor Contact Form Builder <= 2.1.3 - Sensitive Information Disclosure | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | High | 7.5 | 2022-05-10 19:30:12 | Deep Dive |
| CVE-2022-0404 | Material Design for Contact Form 7 <= 2.6.4 - Subscriber+ Arbitrary Settings Update leading to DoS | Unknown | Material Design for Contact Form 7 | 中危 | - | 2022-04-04 15:35:43 | Deep Dive |
| CVE-2022-0595 | Drag and Drop Multiple File Upload - Contact Form 7 < 1.3.6.3 - Unauthenticated Stored XSS | Unknown | Drag and Drop Multiple File Upload – Contact Form 7 | 中危 | - | 2022-03-28 17:22:57 | Deep Dive |
| CVE-2021-24905 | Advanced Contact form 7 DB < 1.8.7 - Subscriber+ Arbitrary File Deletion | Unknown | Advanced Contact form 7 DB | 高危 | - | 2022-03-21 18:55:37 | Deep Dive |
| CVE-2022-0248 | Contact Form Submissions < 1.7.3 - Unauthenticated Stored XSS | Unknown | Contact Form Submissions | 中危 | - | 2022-03-14 14:41:25 | Deep Dive |
| CVE-2021-24996 | IDPay for Contact Form 7 <= 2.1.2 - Reflected Cross-Site Scripting | Unknown | IDPay for Contact Form 7 | 中危 | - | 2022-03-14 14:41:10 | Deep Dive |
| CVE-2022-25601 | WordPress Contact Form X plugin <= 2.4 - Reflected Cross-Site Scripting (XSS) vulnerability | Jeff Starr | Contact Form X (WordPress plugin) | Medium | 4.7 | 2022-03-11 17:54:08 | Deep Dive |
| CVE-2022-0163 | Smart Forms < 2.6.71 - Subscriber+ Form Data Download | Unknown | Smart Forms – when you need more than just a contact form | 中危 | - | 2022-03-07 08:16:22 | Deep Dive |
| CVE-2021-24777 | Hotscot Contact Form < 1.3 - Admin+ SQL Injection | Unknown | Hotscot Contact Form | 高危 | - | 2022-03-07 08:15:57 | Deep Dive |
| CVE-2022-23988 | WS Form < 1.8.176 - Unauthenticated Stored Cross-Site Scripting | WS Form | WS Form LITE – Drag & Drop Contact Form Builder for WordPress | 中危 | - | 2022-02-28 09:07:03 | Deep Dive |
| CVE-2022-23987 | WS Form < 1.8.176 - Admin+ Stored Cross-Site Scripting | WS Form | WS Form LITE – Drag & Drop Contact Form Builder for WordPress | 中危 | - | 2022-02-28 09:07:01 | Deep Dive |
| CVE-2021-24689 | Contact Forms - Drag & Drop Contact Form Builder <= 1.0.5 - Admin+ Arbitrary System File Read | Unknown | Contact Forms – Drag & Drop Contact Form Builder | 中危 | - | 2022-02-28 09:06:04 | Deep Dive |