Metform elementor contact form builder
This hub aggregates every CVE we track for Metform elementor contact form builder, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
23
CVEs tracked
0
Critical
4
High
0
In CISA KEV
Severity distribution
MEDIUM19HIGH4
Monthly trend
0
1
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Metform elementor contact form builder.
- CVE-2023-50903WordPress Metform Elementor Contact Form Builder plugin <= 3.4.0 - Broken Access Control vulnerability5.3
- CVE-2023-0714Metform Elementor Contact Form Builder <= 3.2.4 - Unauthenticated Double-Extension Arbitrary File Upload8.1
- CVE-2024-4266MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 3.8.8 - Unauthenticated Sensitive Information Exposure5.3
- CVE-2024-33570WordPress MetForm plugin <= 3.8.3 - Broken Access Control vulnerability4.3
- CVE-2024-2791Metform Elementor Contact Form Builder <= 3.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widgets6.4
- CVE-2024-1585Metform Elementor Contact Form Builder <= 3.8.3 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode6.4
- CVE-2023-6788Metform Elementor Contact Form Builder <= 3.8.1 - Cross-Site Request Forgery5.4
- CVE-2023-0689Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via 'mf_first_name' shortcode4.3
- CVE-2023-2517Metform Elementor Contact Form Builder <= 3.3.2 - Cross-Site Request Forgery via permalink_setup5.4
- CVE-2023-0692Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via 'mf_payment_status' shortcode4.3
- CVE-2023-0721Metform Elementor Contact Form Builder <= 3.3.0 - Unauthenticated CSV Injection8.3
- CVE-2023-0708Metform Elementor Contact Form Builder <= 3.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via mf_first_name shortcode5.4
- CVE-2023-0691Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via mf_last_name shortcode4.3
- CVE-2023-0710Metform Elementor Contact Form Builder <= 3.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via mf_thankyou shortcode4.9
- CVE-2023-0688Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via mf_thankyou shortcode6.5
Product normalization is registry-driven with AI assist and human review. How it works