Vulnerabilities > Wpforms > Contact Form > 1.5.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-22 | CVE-2023-30500 | Cross-site Scripting vulnerability in Wpforms Contact Form and Wpforms Unauth. | 6.1 |
| 2023-06-07 | CVE-2019-25145 | Cross-site Scripting vulnerability in Wpforms Contact Form 1.5.9 The Contact Form & SMTP Plugin by PirateForms plugin for WordPress is vulnerable to HTML injection in the ‘public/class-pirateforms-public.php’ file in versions up to, and including, 2.5.1 due to insufficient input sanitization and output escaping. | 6.1 |