Really Simple Security logo

Log out
Get PRO

Latest

Access violation vulnerability in Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder 2.17.3

  • Severity: medium-risk
  • Status: Fixed
  • Publication: December 24, 2024

The Contact Form by Bit Form is a plugin for WordPress that allows users to create different types of forms, such as multi-step forms, calculation forms, payment forms, and custom forms. However, there is a security issue that allows unauthorized access to data. This means that someone who is not supposed to have access to the information can view form submissions from other users, as long as they have at least Subscriber-level access.

Detected in:

Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder fixed vulnerable versions:
Bit Form – Custom Contact Form, Multi Step, Conversational, Payment & Quiz Form builder fixed vulnerable versions:
Contact Form builder by Bit Form: Multi Step Form, Conversational, Payment Form & More fixed vulnerable versions:
Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.