Every CVE whose affected-product data names Cimatti Contact Forms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-24744 — CVSS 4.8 (medium): The WordPress Contact Forms by Cimatti WordPress plugin before 1.4.12 does not sanitise and escape the Form Title before outputting it in…
CVE-2023-2563 — CVSS 4.3 (medium): The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including…