Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
codepeople contact form email vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-9646
The Contact Form Email plugin prior to 1.2.66 for WordPress allows wp-admin/admin.php item XSS, related to cp_admin_int_edition.inc.php in the "custom edition area."
Codepeople Contact Form Email
NA
CVE-2023-2718
The Contact Form Email WordPress plugin prior to 1.3.38 does not escape submitted values before displaying them in the HTML, leading to a Stored XSS vulnerability.
Codepeople Contact Form Email
187
VMScore
CVE-2021-42361
The Contact Form Email WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via the name parameter found in the ~/trunk/cp-admin-int-list.inc.php file which allowed attackers with administrative user access to inject arbi...
Codepeople Contact Form Email
383
VMScore
CVE-2018-20963
The contact-form-to-email plugin prior to 1.2.66 for WordPress has XSS.
Codepeople Contact Form Email
605
VMScore
CVE-2018-20964
The contact-form-to-email plugin prior to 1.2.66 for WordPress has CSRF.
Codepeople Contact Form Email
NA
CVE-2023-5955
The Contact Form Email WordPress plugin prior to 1.3.44 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in mu...
Codepeople Contact Form Email
NA
CVE-2024-31302
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodePeople Contact Form Email.This issue affects Contact Form Email: from n/a up to and including 1.3.44.
Codepeople Contact Form Email
NA
CVE-2023-28494
Missing Authorization vulnerability in CodePeople Contact Form Email allows Functionality Misuse.This issue affects Contact Form Email: from n/a up to and including 1.3.31.
NA
CVE-2023-48318
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Contact Form Email allows Functionality Bypass.This issue affects Contact Form Email: from n/a up to and including 1.3.41.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started