Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder 2.18.0

  • Severity: high-risk
  • Status: Fixed
  • Publication: March 27, 2025

The Contact Form by Bit Form, a plugin for creating forms on WordPress, has a security vulnerability in all versions up to 2.18.0. This is because the plugin does not properly check the redirect URL, allowing attackers to redirect users to harmful websites if they can trick them into clicking on a link.

Detected in:

Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder fixed vulnerable versions:
Bit Form – Custom Contact Form, Multi Step, Conversational, Payment & Quiz Form builder fixed vulnerable versions:
Contact Form builder by Bit Form: Multi Step Form, Conversational, Payment Form & More fixed vulnerable versions:
Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.