Contact Form Entries

CRM Perks

Developer

1.4.6

Latest version

60,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

10 patched

5 Mitigation rules

Missing Authorization to Unauthenticated Form Data Exfiltration via CSV Export vulnerability
<= 1.4.5
Jan 28, 2026
Unauthenticated PHP Object Injection to Arbitrary File Deletion vulnerability
<= 1.4.3
Dec 31, 2025
Unauthenticated Stored Cross-Site Scripting vulnerability
<= 1.3.8
Apr 23, 2024
Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode vulnerability
<= 1.3.3
Mar 7, 2024
Authenticated (Administrator+) Arbitrary File Upload vulnerability
<= 1.3.2
Jan 31, 2024
Cross Site Scripting (XSS) vulnerability
<= 1.3.0
May 22, 2023
Auth. SQL Injection (SQLi) vulnerability
<= 1.3.0
May 22, 2023
Unauthenticated Persistent Cross-Site Scripting (XSS) vulnerability
<= 1.2.3
Nov 14, 2021
Authenticated Persistent Cross-Site Scripting (XSS) vulnerability
<= 1.2.3
Nov 14, 2021
Multiple Authenticated Reflected Cross-Site Scripting (XSS) vulnerabilities
<= 1.2.3
Nov 14, 2021