Product
wpmet metform elementor contact form builder
23 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-50903
CVE-2023-0714
CVE-2024-4266
CVE-2024-33570
CVE-2024-2791
CVE-2024-1585
CVE-2023-6788
CVE-2023-0689
CVE-2023-2517
CVE-2023-1843
CVE-2023-0721
CVE-2023-0710
CVE-2023-0709
CVE-2023-0708
CVE-2023-0695
CVE-2023-0694
CVE-2023-0693
CVE-2023-0692
CVE-2023-0691
CVE-2023-0688
CVE-2023-0084
CVE-2023-0085
CVE-2022-1442
< 3.4.1
Missing Authorization vulnerability in Roxnor Metform allows Exploiting Incorrectly Configured Access Control Security Lev
< 3.3.0
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload due to insufficient file type vali
< 3.8.9
The MetForm - Contact Form, Survey, Quiz, & Custom Form Builder for Elementor plugin for WordPress is vulnerable to Sensitive Info
< 3.8.4
Missing Authorization vulnerability in Roxnor Metform metform.This issue affects Metform: from n/a through <= 3.8.3.
< 3.8.6
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widg
< 3.8.4
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shor
<= 3.8.1
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to,
< 3.3.2
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_first_name' shortcode
< 3.3.3
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and
<= 3.3.0
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to unauthorized permalink structure update due to a
<= 3.3.0
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to CSV injection in versions up to, and including, 3
<= 3.3.0
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'fname' attribute of t
<= 3.3.0
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'mf_last_name' shortco
<= 3.3.0
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'mf_first_name' shortc
<= 3.3.0
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Cross-Site Scripting by using the 'mf' shortcode to echo
<= 3.3.1
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf' shortcode in version
<= 3.3.1
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_transaction_id' short
<= 3.3.1
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_payment_status' short
<= 3.3.1
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_last_name' shortcode
<= 3.3.1
The Metform Elementor Contact Form Builder for WordPress is vulnerable to Information Disclosure via the 'mf_thankyou' shortcode i
<= 3.1.2
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via text areas on for
<= 3.2.1
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to reCaptcha Bypass in versions up to, and including
< 2.1.4
The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/