← Back

Contact Form Maker

contact_form_maker

Vendor: Web Dorado • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-2655
1Web Dorado
1Contact Form Maker
Jun 2, 2025
Jan 16, 2024
N/A· v4
7.2 HIGH· v3
N/A· v2
The Contact Form by WD WordPress plugin through 1.13.23 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin
CVE-2015-2798
1Web Dorado
1Contact Form Maker
May 13, 2026
Jul 25, 2017
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
SQL injection vulnerability in Joomla! Component Contact Form Maker 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.