Really Simple Security logo

Log out
Get PRO

Latest

Access violation vulnerability in Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder 2.13.9

  • Severity: critical
  • Status: Fixed
  • Publication: August 19, 2024

The Bit Form Contact Form plugin for WordPress has a security issue that allows attackers with high-level access to read and delete important files on the server. This could lead to further attacks, such as remote code execution. The vulnerability is present in versions 2.0 to 2.13.9 of the plugin.

Detected in:

Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder fixed vulnerable versions:
Bit Form – Custom Contact Form, Multi Step, Conversational, Payment & Quiz Form builder fixed vulnerable versions:
Contact Form builder by Bit Form: Multi Step Form, Conversational, Payment Form & More fixed vulnerable versions:
Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.