Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

crmperks contact form entries vulnerabilities and exploits

(subscribe to this query)
4.3
CVSSv2
CVE-2021-25079
The Contact Form Entries WordPress plugin prior to 1.2.4 does not sanitise and escape various parameters, such as form_id, status, end_date, order, orderby and search before outputting them back in the admin page
Crmperks Contact Form Entries
4.3
CVSSv2
CVE-2021-25080
The Contact Form Entries WordPress plugin prior to 1.1.7 does not validate, sanitise and escape the IP address retrieved via headers such as CLIENT-IP and X-FORWARDED-FOR, allowing unauthenticated malicious users to perform Cross-Site Scripting attacks against logged in admins vi...
Crmperks Contact Form Entries
NA
CVE-2023-33311
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in CRM Perks Contact Form Entries plugin <= 1.3.0 versions.
Crmperks Contact Form Entries - Contact Form 7 Wpforms And More
NA
CVE-2022-3604
The Contact Form Entries WordPress plugin prior to 1.3.0 does not validate data when its output in a CSV file, which could lead to CSV injection.
Crmperks Database For Contact Form 7\\, Wpforms\\, Elementor Forms
NA
CVE-2023-31212
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Database for Contact Form 7, WPforms, Elementor forms contact-form-entries allows SQL Injection.This issue affects Database for Contact Form 7, WPforms, Eleme...
Crmperks Database For Contact Form 7\\, Wpforms\\, Elementor Forms
NA
CVE-2024-1069
The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'view_page' function in versions up to, and including, 1.3.2. This makes it possible for authenticated attackers with administrator-level cap...
Crmperks Database For Contact Form 7\\, Wpforms\\, Elementor Forms
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook