← Back

Database For Contact Form 7, Wpforms, Elementor Forms

database_for_contact_form_7,_wpforms,_elementor_forms

Vendor: Crmperks • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-1069
1Crmperks
1Database For Contact Form 7, Wpforms, Elementor Forms
Apr 8, 2026
Jan 31, 2024
N/A· v4
7.2 HIGH· v3
N/A· v2
The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'view_page' function in versions up to, and including, 1.3.2. This makes it possible for au...Show more
The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'view_page' function in versions up to, and including, 1.3.2. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible.Show less
CVE-2022-3604
1Crmperks
1Database For Contact Form 7, Wpforms, Elementor Forms
Jun 11, 2025
Jan 16, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when its output in a CSV file, which could lead to CSV injection.
CVE-2023-31095
1Crmperks
1Database For Contact Form 7, Wpforms, Elementor Forms
Apr 28, 2026
Dec 29, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for HubSpot and Contact Form 7, WP...Show more
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms.This issue affects Integration for HubSpot and Contact Form 7, WPForms, Elementor, Ninja Forms: from n/a through 1.2.8.Show less
CVE-2023-31212
1Crmperks
1Database For Contact Form 7, Wpforms, Elementor Forms
Apr 28, 2026
Oct 31, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Database for Contact Form 7, WPforms, Elementor forms contact-form-entries allows SQL Injection.This issue a...Show more
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CRM Perks Database for Contact Form 7, WPforms, Elementor forms contact-form-entries allows SQL Injection.This issue affects Database for Contact Form 7, WPforms, Elementor forms: from n/a through 1.3.0.Show less