CVE-2019-9646 — CVSS 6.1 (medium): The Contact Form Email plugin before 1.2.66 for WordPress allows wp-admin/admin.php item XSS, related to cp_admin_int_edition.inc.php in…
CVE-2025-24727 — CVSS 5.9 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codepeople Contact Form Email…
CVE-2023-2718 — CVSS 5.4 (medium): The Contact Form Email WordPress plugin before 1.3.38 does not escape submitted values before displaying them in the HTML, leading to a…
CVE-2023-48318 — CVSS 5.3 (medium): Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Contact Form Email allows Functionality Bypass.This…
CVE-2024-31302 — CVSS 5.3 (medium): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodePeople Contact Form Email.This issue affects Contact Form…
CVE-2023-5955 — CVSS 4.8 (medium): The Contact Form Email WordPress plugin before 1.3.44 does not sanitise and escape some of its settings, which could allow high privilege…
CVE-2021-42361 — CVSS 4.8 (medium): The Contact Form Email WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and escaping via…
CVE-2023-28494 — CVSS 4.3 (medium): Missing Authorization vulnerability in CodePeople Contact Form Email allows Functionality Misuse.This issue affects Contact Form Email…