Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-2655 | 1 Web-dorado | 1 Contact Form Maker | 2024-11-21 | N/A | 7.2 HIGH |
The Contact Form by WD WordPress plugin through 1.13.23 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin | |||||
CVE-2015-2798 | 1 Web-dorado | 1 Contact Form Maker | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in Joomla! Component Contact Form Maker 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. |