Vulnerabilities > Crmperks > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-29 | CVE-2024-30499 | Unspecified vulnerability in Crmperks CRM Perks Forms Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks CRM Perks Forms.This issue affects CRM Perks Forms: from n/a through 1.1.4. | 8.8 |
| 2024-01-31 | CVE-2024-1069 | Unrestricted Upload of File with Dangerous Type vulnerability in Crmperks Database for Contact Form 7, Wpforms, Elementor Forms The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'view_page' function in versions up to, and including, 1.3.2. | 7.2 |
| 2024-01-16 | CVE-2022-3604 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Crmperks Database for Contact Form 7, Wpforms, Elementor Forms The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in a CSV file, which could lead to CSV injection. | 7.8 |
| 2023-05-26 | CVE-2023-25976 | Unspecified vulnerability in Crmperks Integration for Contact Form 7 and Zoho Crm, Bigin 1.2.2 Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin plugin <= 1.2.2 versions. | 8.8 |