Every CVE whose affected-product data names Bitapps Bit Form, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2024-43249 — CVSS 9.9 (critical): Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows Command Injection.This issue affects Bit Form…
CVE-2022-4774 — CVSS 9.8 (critical): The Bit Form WordPress plugin before 1.9 does not validate the file types uploaded via it's file upload form field, allowing…
CVE-2024-43248 — CVSS 8.6 (high): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bit Apps Bit Form Pro allows File…
CVE-2024-43250 — CVSS 7.1 (high): Incorrect Authorization vulnerability in Bit Apps Bit Form Pro bitformpro allows Accessing Functionality Not Properly Constrained by…
CVE-2024-43251 — CVSS 6.5 (medium): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bit Apps Bit Form Pro.This issue affects Bit Form Pro: from n/a…
CVE-2024-13451 — CVSS 5.3 (medium): The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for…