← Back

Bit Form

bit_form

Vendor: Bitapps • 6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-13451
1Bitapps
1Bit Form
Jul 10, 2025
Jul 2, 2025
N/A· v4
7.5 HIGH· v3
N/A· v2
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and...Show more
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.17.4 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This makes it possible for unauthenticated attackers to extract sensitive data including files uploaded via a form. The vulnerability was partially patched in version 2.17.5.Show less
CVE-2024-43251
1Bitapps
1Bit Form
Sep 17, 2024
Aug 26, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bit Apps Bit Form Pro.This issue affects Bit Form Pro: from n/a through 2.6.4.
CVE-2024-43250
1Bitapps
1Bit Form
Sep 6, 2024
Aug 19, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Incorrect Authorization vulnerability in Bit Apps Bit Form Pro bitformpro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bit Form Pro: from n/a through 2.6.4.
CVE-2024-43249
1Bitapps
1Bit Form
Sep 6, 2024
Aug 19, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows Command Injection.This issue affects Bit Form Pro: from n/a through 2.6.4.
CVE-2024-43248
1Bitapps
1Bit Form
Sep 6, 2024
Aug 19, 2024
N/A· v4
9.1 CRITICAL· v3
N/A· v2
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bit Apps Bit Form Pro allows File Manipulation.This issue affects Bit Form Pro: from n/a through 2.6.4.
CVE-2022-4774
1Bitapps
1Bit Form
Jan 24, 2025
May 15, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
The Bit Form WordPress plugin before 1.9 does not validate the file types uploaded via it's file upload form field, allowing unauthenticated users to upload arbitrary files types such as PHP or HTML files to the server,...Show more
The Bit Form WordPress plugin before 1.9 does not validate the file types uploaded via it's file upload form field, allowing unauthenticated users to upload arbitrary files types such as PHP or HTML files to the server, leading to Remote Code Execution.Show less