Cimatti

Wordpress Contact Forms

8 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2024-12184

  • EPSS 0.33%
  • Veröffentlicht 01.02.2025 04:15:30
  • Zuletzt bearbeitet 24.02.2025 16:48:58

The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the accua_forms_download_submitted_file() function in all versions up to, and including, 1.9.4. This makes i...

8.8

CVE-2023-35051

  • EPSS 0.27%
  • Veröffentlicht 13.12.2024 15:15:15
  • Zuletzt bearbeitet 19.03.2025 21:02:08

Missing Authorization vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Forms by Cimatti: from n/a through 1.5.7.

4.3

CVE-2024-10521

  • EPSS 0.13%
  • Veröffentlicht 27.11.2024 11:15:16
  • Zuletzt bearbeitet 19.03.2025 21:00:37

The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.2. This is due to missing or incorrect nonce validation on the process_bulk_action function. This makes ...

4.8

CVE-2024-30549

  • EPSS 0.06%
  • Veröffentlicht 31.03.2024 20:15:08
  • Zuletzt bearbeitet 18.03.2025 11:33:13

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Stored XSS.This issue affects Contact Forms by Cimatti: from n/a through 1.8.0.

6.1

CVE-2024-29117

  • EPSS 0.13%
  • Veröffentlicht 19.03.2024 15:15:09
  • Zuletzt bearbeitet 18.03.2025 11:54:32

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Stored XSS.This issue affects Contact Forms by Cimatti: from n/a through 1.7.0.

8.8

CVE-2023-47230

  • EPSS 0.05%
  • Veröffentlicht 13.11.2023 01:15:09
  • Zuletzt bearbeitet 21.11.2024 08:29:59

Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.6.0 versions.

6.1

CVE-2023-28781

  • EPSS 0.11%
  • Veröffentlicht 07.04.2023 15:15:08
  • Zuletzt bearbeitet 21.11.2024 07:56:00

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.5.4 versions.

6.1

CVE-2023-28789

  • EPSS 0.11%
  • Veröffentlicht 07.04.2023 15:15:08
  • Zuletzt bearbeitet 21.11.2024 07:56:01

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.5.4 versions.