Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

BestWebSoft — Vulnerabilities & Security Advisories 29

Browse all 29 CVE security advisories affecting BestWebSoft. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products BestWebSoft:Contact Form PluginFacebook Like ButtonTwitter PluginContact Form to DB by BestWebSoft – Messages Database Plugin For WordPressPortfolio PluginContact Form by BestWebSoft – Advanced WP Contact Form Builder for WordPressMultilanguage by BestWebSoftContact FormContact Form by BestWebSoftError Log Viewer by BestWebSoftGallery by BestWebSoft – Customizable Image and Photo Galleries for WordPressGoogle CaptchaContact Form to DB by BestWebSoftCaptcha by BestWebSoftLimit Attempts by BestWebSoftPost to CSV by BestWebSoftProfile Extra Fields by BestWebSoftPaginationRelevant PluginJob Board PluginCar Rental by BestWebSoftCaptcha
CVE IDTitleCVSSSeverityPaused
CVE-2026-24598 WordPress Multilanguage by BestWebSoft plugin <= 1.5.2 - Broken Access Control vulnerability — Multilanguage by BestWebSoftCWE-862 4.3 Medium2026-01-23
CVE-2025-63056 WordPress Contact Form by BestWebSoft plugin <= 4.3.6 - Broken Access Control vulnerability — Contact Form by BestWebSoftCWE-862 4.3 Medium2025-12-09
CVE-2025-9950 Error Log Viewer by BestWebSoft <= 1.1.6 - Authenticated (Administrator+) Arbitrary File Read — Error Log Viewer by BestWebSoftCWE-22 4.9 Medium2025-10-11
CVE-2024-13906 Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPress <= 4.7.3 - Authenticated (Administrator+) PHP Object Injection — Gallery by BestWebSoft – Customizable Image and Photo Galleries for WordPressCWE-502 7.2 High2025-03-07
CVE-2025-24628 WordPress reCaptcha by BestWebSoft Plugin <= 1.78 - Captcha Bypass vulnerability — Google CaptchaCWE-290 9.1 -2025-01-27
CVE-2024-35678 WordPress Contact Form to DB by BestWebSoft plugin <= 1.7.2 - SQL Injection vulnerability — Contact Form to DB by BestWebSoftCWE-89 8.5 High2024-06-08
CVE-2024-31295 WordPress Captcha by BestWebSoft plugin <= 5.2.0 - Captcha Bypass vulnerability — Captcha by BestWebSoftCWE-804 5.3 Medium2024-05-17
CVE-2024-2198 Contact Form by BestWebSoft <= 4.2.8 - Reflected Cross-Site Scripting via cntctfrm_contact_address — Contact Form by BestWebSoft – Advanced WP Contact Form Builder for WordPressCWE-79 6.1 Medium2024-04-09
CVE-2024-2200 Contact Form by BestWebSoft <= 4.2.8 - Reflected Cross-Site Scripting via cntctfrm_contact_subject — Contact Form by BestWebSoft – Advanced WP Contact Form Builder for WordPressCWE-79 6.1 Medium2024-04-09
CVE-2024-30439 WordPress Limit Attempts by BestWebSoft plugin <= 1.2.9 - Reflected Cross Site Scripting (XSS) vulnerability — Limit Attempts by BestWebSoftCWE-79 7.1 High2024-03-29
CVE-2014-125109 BestWebSoft Portfolio Plugin bws_menu.php bws_add_menu_render cross site scripting — Portfolio PluginCWE-79 3.5 Low2023-12-26
CVE-2012-10017 BestWebSoft Portfolio Plugin cross-site request forgery — Portfolio PluginCWE-352 4.3 Medium2023-12-26
CVE-2023-29096 WordPress Contact Form to DB by BestWebSoft Plugin <= 1.7.0 is vulnerable to SQL Injection — Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPressCWE-89 8.5 High2023-12-20
CVE-2023-36527 WordPress Post to CSV by BestWebSoft Plugin <= 1.4.0 is vulnerable to CSV Injection — Post to CSV by BestWebSoftCWE-1236 7.8 -2023-11-07
CVE-2023-36508 WordPress Contact Form to DB by BestWebSoft Plugin <= 1.7.1 is vulnerable to SQL Injection — Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPressCWE-89 9.8 -2023-10-31
CVE-2023-4469 Profile Extra Fields by BestWebSoft <= 1.2.7 - Missing Authorization to Sensitive Information Exposure — Profile Extra Fields by BestWebSoftCWE-862 5.3 Medium2023-10-06
CVE-2023-28778 WordPress Pagination by BestWebSoft Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS) — PaginationCWE-79 5.9 Medium2023-06-22
CVE-2014-125103 BestWebSoft Twitter Plugin twitter.php twttr_settings_page cross site scripting — Twitter PluginCWE-79 2.4 Low2023-05-31
CVE-2012-10015 BestWebSoft Twitter Plugin Settings Page twitter.php twttr_settings_page cross-site request forgery — Twitter PluginCWE-352 4.3 Medium2023-05-30
CVE-2014-125102 Bestwebsoft Relevant Plugin Thumbnail information disclosure — Relevant PluginCWE-200 4.3 Medium2023-05-29
CVE-2014-125100 BestWebSoft Job Board Plugin cross site scripting — Job Board PluginCWE-79 3.5 Low2023-05-02
CVE-2022-44734 WordPress Car Rental by BestWebSoft Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS) — Car Rental by BestWebSoftCWE-79 4.8 Medium2023-04-16
CVE-2014-125097 BestWebSoft Facebook Like Button facebook-button-plugin.php fcbkbttn_settings_page cross site scripting — Facebook Like ButtonCWE-79 3.5 Low2023-04-10
CVE-2012-10012 BestWebSoft Facebook Like Button facebook-button-plugin.php fcbk_bttn_plgn_settings_page cross-site request forgery — Facebook Like ButtonCWE-352 4.3 Medium2023-04-09
CVE-2014-125095 BestWebSoft Contact Form Plugin bws_menu.php bws_add_menu_render cross site scripting — Contact Form PluginCWE-79 3.5 Low2023-04-09
CVE-2012-10010 BestWebSoft Contact Form contact_form.php cntctfrm_settings_page cross-site request forgery — Contact FormCWE-352 4.3 Medium2023-04-09
CVE-2013-10022 BestWebSoft Contact Form Plugin contact_form.php cntctfrm_check_form cross site scripting — Contact Form PluginCWE-79 3.5 Low2023-04-05
CVE-2017-20055 BestWebSoft Contact Form Plugin Stored cross site scriting — Contact Form PluginCWE-80 3.5 Low2022-06-16
CVE-2017-2171 多款WordPress插件跨站脚本漏洞 — Captcha 6.1 -2017-05-22

This page lists every published CVE security advisory associated with BestWebSoft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.