← Back

Constant Contact Forms

constant_contact_forms

Vendor: Constantcontact • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-52208
1Constantcontact
1Constant Contact Forms
Jun 17, 2026
Jan 8, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Constant Contact Constant Contact Forms.This issue affects Constant Contact Forms: from n/a through 2.4.2.
CVE-2021-24134
1Constantcontact
1Constant Contact Forms
Jun 17, 2026
Mar 18, 2021
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
Unvalidated input and lack of output encoding in the Constant Contact Forms WordPress plugin, versions before 1.8.8, lead to multiple Stored Cross-Site Scripting vulnerabilities, which allowed high-privileged user (Edito...Show more
Unvalidated input and lack of output encoding in the Constant Contact Forms WordPress plugin, versions before 1.8.8, lead to multiple Stored Cross-Site Scripting vulnerabilities, which allowed high-privileged user (Editor+) to inject arbitrary JavaScript code or HTML in posts where the malicious form is embed.Show less