← Back

Simple Basic Contact Form

simple_basic_contact_form

Vendor: Wpkube • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-12716
1Wpkube
1Simple Basic Contact Form
Jun 17, 2026
May 15, 2025
N/A· v4
4.8 MEDIUM· v3
N/A· v2
The Simple Basic Contact Form WordPress plugin before 20250114 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even w...Show more
The Simple Basic Contact Form WordPress plugin before 20250114 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).Show less
CVE-2022-4226
1Wpkube
1Simple Basic Contact Form
Jun 17, 2026
Dec 26, 2022
N/A· v4
4.8 MEDIUM· v3
N/A· v2
The Simple Basic Contact Form WordPress plugin before 20221201 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even w...Show more
The Simple Basic Contact Form WordPress plugin before 20221201 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).Show less