Vulnerabilities > Cimatti > Wordpress Contact Forms > 1.6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-01 | CVE-2024-12184 | Missing Authorization vulnerability in Cimatti Wordpress Contact Forms The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the accua_forms_download_submitted_file() function in all versions up to, and including, 1.9.4. | 5.3 |
| 2024-11-27 | CVE-2024-10521 | Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Wordpress Contact Forms The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.2. | 4.3 |
| 2024-03-31 | CVE-2024-30549 | Unspecified vulnerability in Cimatti Wordpress Contact Forms Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Stored XSS.This issue affects Contact Forms by Cimatti: from n/a through 1.8.0. | 4.8 |
| 2024-03-19 | CVE-2024-29117 | Unspecified vulnerability in Cimatti Wordpress Contact Forms Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Stored XSS.This issue affects Contact Forms by Cimatti: from n/a through 1.7.0. | 6.1 |
| 2023-11-13 | CVE-2023-47230 | Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Wordpress Contact Forms Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.6.0 versions. | 8.8 |