Vulnerabilities > Cimatti > Wordpress Contact Forms > 1.9.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-01 | CVE-2024-12184 | Missing Authorization vulnerability in Cimatti Wordpress Contact Forms The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the accua_forms_download_submitted_file() function in all versions up to, and including, 1.9.4. | 5.3 |
| 2024-11-27 | CVE-2024-10521 | Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Wordpress Contact Forms The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.2. | 4.3 |