Contact Form by WPForms
Syed Balkhi
Developer
1.10.0.2
Latest version
6,000,000
Installations
No date
Last updated
Vulnerability history
0 present
16 patched
1 Mitigation rules
- Sensitive Data Exposure vulnerability<= 1.9.8.723/03/2026
- Broken Access Control vulnerability<= 1.9.9.307/03/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via 'start_timestamp' Parameter vulnerability<= 1.9.509/05/2025
- Authenticated (Contributor+) Stored Cross-Site Scripting via fieldHTML Parameter vulnerability<= 1.9.3.103/02/2025
- Broken Access Control vulnerability<= 1.9.2.203/01/2025
- Admin+ Stored XSS vulnerability< 1.9.2.326/12/2024
- Missing Authorization to Authenticated (Subscriber+) Payment Refund and Subscription Cancellation vulnerability1.8.4-1.9.2.109/12/2024
- Admin+ Stored XSS vulnerability< 1.9.1.625/11/2024
- Cross-Site Request Forgery (CSRF) to Plugin's Log Deletion vulnerability<= 1.9.1.612/11/2024
- Unauthenticated Price Manipulation vulnerability<= 1.8.7.202/05/2024
- Reflected Cross Site Scripting (XSS) vulnerability<= 1.8.1.220/06/2023
- Authenticated Arbitrary File Access vulnerability<= 1.7.5.319/09/2022
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability<= 1.6.0.101/07/2020
- Authenticated Cross-Site Scripting (XSS) vulnerability<= 1.5.8.205/03/2020
- Unauthenticated Cross-Site Scripting (XSS) vulnerability<= 1.4.810/12/2018
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability<= 1.4.707/12/2018