Themehunk Contact Form & Lead Form Elementor Builder — known CVE vulnerabilities
Every CVE whose affected-product data names Themehunk Contact Form & Lead Form Elementor Builder, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2021-24967 — CVSS 6.1 (medium): The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.6.4 does not sanitise and escape some lead values, which could…
CVE-2024-3637 — CVSS 6.1 (medium): The Responsive Contact Form Builder & Lead Generation Plugin WordPress plugin through 1.8.9 does not sanitise and escape some of its…
CVE-2022-23179 — CVSS 4.8 (medium): The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.7.0 does not escape some of its form fields before outputting them…
CVE-2024-10475 — CVSS 4.8 (medium): The Responsive Contact Form Builder & Lead Generation Plugin WordPress plugin before 1.9.8 does not sanitise and escape some of its…
CVE-2022-23180 — CVSS 4.3 (medium): The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.7.4 doesn't have authorisation and nonce checks, which could allow…