Contact Form Entries

CRM Perks

Developer

1.5.0

Latest version

70,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

12 patched

6 Mitigation rules

Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Shortcode vulnerability
<= 1.4.9
13 hours ago
Unauthenticated PHP Object Injection via 'download_csv' vulnerability
<= 1.4.7
06/03/2026
Missing Authorization to Unauthenticated Form Data Exfiltration via CSV Export vulnerability
<= 1.4.5
28/01/2026
Unauthenticated PHP Object Injection to Arbitrary File Deletion vulnerability
<= 1.4.3
31/12/2025
Unauthenticated Stored Cross-Site Scripting vulnerability
<= 1.3.8
23/04/2024
Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode vulnerability
<= 1.3.3
07/03/2024
Authenticated (Administrator+) Arbitrary File Upload vulnerability
<= 1.3.2
31/01/2024
Cross Site Scripting (XSS) vulnerability
<= 1.3.0
22/05/2023
Auth. SQL Injection (SQLi) vulnerability
<= 1.3.0
22/05/2023
Unauthenticated Persistent Cross-Site Scripting (XSS) vulnerability
<= 1.2.3
14/11/2021
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability
<= 1.2.3
14/11/2021
Multiple Authenticated Reflected Cross-Site Scripting (XSS) vulnerabilities
<= 1.2.3
14/11/2021