← Back

Constantcontact

constantcontact

5 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Creative Mail
creative_mail
3 CVEs
Constant Contact Forms
constant_contact_forms
2 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-52208
1Constantcontact
1Constant Contact Forms
Jun 17, 2026
Jan 8, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Constant Contact Constant Contact Forms.This issue affects Constant Contact Forms: from n/a through 2.4.2.
CVE-2022-44740
1Constantcontact
1Creative Mail
Jun 17, 2026
Nov 18, 2022
N/A· v4
8.8 HIGH· v3
N/A· v2
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Creative Mail plugin <= 1.5.4 on WordPress.
CVE-2022-40687
1Constantcontact
1Creative Mail
Jun 17, 2026
Nov 18, 2022
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Creative Mail plugin <= 1.5.4 on WordPress.
CVE-2022-40686
1Constantcontact
1Creative Mail
Jun 17, 2026
Nov 18, 2022
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Creative Mail plugin <= 1.5.4 on WordPress.
CVE-2021-24134
1Constantcontact
1Constant Contact Forms
Jun 17, 2026
Mar 18, 2021
N/A· v4
4.8 MEDIUM· v3
3.5 LOW· v2
Unvalidated input and lack of output encoding in the Constant Contact Forms WordPress plugin, versions before 1.8.8, lead to multiple Stored Cross-Site Scripting vulnerabilities, which allowed high-privileged user (Edito...Show more
Unvalidated input and lack of output encoding in the Constant Contact Forms WordPress plugin, versions before 1.8.8, lead to multiple Stored Cross-Site Scripting vulnerabilities, which allowed high-privileged user (Editor+) to inject arbitrary JavaScript code or HTML in posts where the malicious form is embed.Show less