Bit Form
Bit Apps
Developer
2.21.9
Latest version
10,000
Installations
No date
Last updated
Vulnerability history
0 present
19 fixed
4 Mitigation rules
- WordPress Bit Form - Contact Form Plugin plugin <= 2.21.6 - Missing Authorization to Unauthenticated Workflow Replay vulnerability<= 2.21.6Jan 7, 2026
- Unauthenticated Arbitrary File Upload vulnerability<= 2.20.3Aug 15, 2025
- Unauthenticated Sensitive Information Exposure vulnerability<= 2.17.5Jul 2, 2025
- Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability<= 2.18.3Apr 24, 2025
- Open Redirection vulnerability<= 2.18.0Mar 27, 2025
- Authenticated (Administrator+) Server-Side Request Forgery vulnerability<= 2.17.4Jan 27, 2025
- Missing Authorization to Authenticated (Subscriber+) Form Submission Disclosure vulnerability<= 2.17.3Dec 24, 2024
- Authenticated (Administrator+) Improper Input Validation to Arbitrary File Read vulnerability<= 2.15.2Oct 10, 2024
- SQL Injection vulnerability<= 2.13.11Sep 26, 2024
- Arbitrary File Upload vulnerability<= 2.13.10Sep 25, 2024
- Cross Site Scripting (XSS) vulnerability<= 2.13.10Sep 24, 2024
- WordPress BitForm plugin 2.0 - 2.13.9 - Authenticated (Administrator+) Arbitrary File Read And Deletion vulnerability2.0 - 2.13.9Aug 20, 2024
- WordPress BitForm plugin 2.0 - 2.13.9 - Authenticated (Administrator+) Arbitrary JavaScript File Uploads vulnerability2.0 - 2.13.9Aug 20, 2024
- WordPress BitForm plugin 2.0 - 2.13.9 - Authenticated (Administrator+) SQL Injection via getLogHistory Function vulnerability2.0 - 2.13.9Aug 20, 2024
- WordPress BitForm plugin 2.0 - 2.13.4 - Authenticater (Administrator+) Arbitrary File Deletion vulnerability2.0 - 2.13.4Aug 20, 2024
- Authenticated (Administrator+) Arbitrary File Upload vulnerability<= 2.12.3Jul 9, 2024
- Unauthenticated Insecure Direct Object Reference to Form Submission Alteration vulnerability<= 2.10.1Mar 13, 2024
- Admin+ Stored XSS vulnerability< 2.2.0Jul 27, 2023
- RCE via Unauthenticated Arbitrary File Upload vulnerability< 1.9May 15, 2023