Vulnerabilities > Cimatti > Wordpress Contact Forms > 1.5.4

DATE CVE VULNERABILITY TITLE RISK
2025-02-01 CVE-2024-12184 Missing Authorization vulnerability in Cimatti Wordpress Contact Forms
The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the accua_forms_download_submitted_file() function in all versions up to, and including, 1.9.4.
network
low complexity
cimatti CWE-862
5.3
5.3
2024-12-13 CVE-2023-35051 Missing Authorization vulnerability in Cimatti Wordpress Contact Forms
Missing Authorization vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Forms by Cimatti: from n/a through 1.5.7.
network
low complexity
cimatti CWE-862
8.8
8.8
2024-11-27 CVE-2024-10521 Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Wordpress Contact Forms
The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.2.
network
low complexity
cimatti CWE-352
4.3
4.3
2024-03-31 CVE-2024-30549 Unspecified vulnerability in Cimatti Wordpress Contact Forms
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Stored XSS.This issue affects Contact Forms by Cimatti: from n/a through 1.8.0.
network
low complexity
cimatti
4.8
4.8
2024-03-19 CVE-2024-29117 Unspecified vulnerability in Cimatti Wordpress Contact Forms
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Stored XSS.This issue affects Contact Forms by Cimatti: from n/a through 1.7.0.
network
low complexity
cimatti
6.1
6.1
2023-11-13 CVE-2023-47230 Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Wordpress Contact Forms
Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.6.0 versions.
network
low complexity
cimatti CWE-352
8.8
8.8
2023-04-07 CVE-2023-28781 Unspecified vulnerability in Cimatti Wordpress Contact Forms
Unauth.
network
low complexity
cimatti
6.1
6.1
2023-04-07 CVE-2023-28789 Unspecified vulnerability in Cimatti Wordpress Contact Forms
Unauth.
network
low complexity
cimatti
6.1
6.1