📦

contact_form_maker

Vendor: web-dorado

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 0 Remote Access

Total CVEs 18 Total Indexed

Avg. EPSS 0.86% Exploit Prob.

Latest CVE CVE-2023-2655 Jan 16

Security Vulnerability Index

Page 1 / 2

7.2 CVSS

CVE-2023-2655

The Contact Form by WD WordPress plugin through 1.13.23 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin

EPSS: 0.71%

Severity: HIGH

Jan 16, 2024

9.8 CVSS

CVE-2015-2798

Exploit Found

SQL injection vulnerability in Joomla! Component Contact Form Maker 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.

EPSS: 1.00%

Severity: CRITICAL

Jul 25, 2017

Displaying 2 of 18 Total Entries

1 2

Total 2 Sections