Masdiblogs

masdiblogs

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Wp Ajax Contact Form

wp_ajax_contact_form

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-5809 1Masdiblogs 1Wp Ajax Contact Form Jun 17, 2026 Jul 30, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The WP Ajax Contact Form WordPress plugin through 2.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin users
CVE-2024-5808 1Masdiblogs 1Wp Ajax Contact Form Jun 17, 2026 Jul 30, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The WP Ajax Contact Form WordPress plugin through 2.2.2 does not have CSRF check in place when deleting emails from the email list, which could allow attackers to make a logged in admin perform such action via a CSRF att...Show more The WP Ajax Contact Form WordPress plugin through 2.2.2 does not have CSRF check in place when deleting emails from the email list, which could allow attackers to make a logged in admin perform such action via a CSRF attackShow less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-5809

1Masdiblogs

1Wp Ajax Contact Form

Jun 17, 2026

Jul 30, 2024

N/A· v4

6.1 MEDIUM· v3

N/A· v2

The WP Ajax Contact Form WordPress plugin through 2.2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin users

CVE-2024-5808