Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. 2.0.0

  • Severity: medium-risk
  • Status: Fixed
  • Publication: July 16, 2025

A popular plugin called HT Contact Form 7 for WordPress has a security issue. This means that hackers who have special access to the website can make their own files run on the server. This can lead to them getting important information or running their own code on the website. This is possible even if the files appear safe, like images.

Detected in:

HT Contact Form – Drag & Drop Form Builder for WordPress fixed vulnerable versions:
HT Contact Form – Easy Form Builder for WordPress fixed vulnerable versions:
HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.