Vulnerabilities and security researches forflamingo flamingo

Jun 07, 2024

CVE, Research URL: 022a9997dfc335fe7d818f90b085eb691dd3ba3c
Home page URL: Security reports for Flamingo
Application: Flamingo
Date: Jan 28, 2020
Research Description: Flamingo [flamingo] < 2.1.1 WordPress Flamingo plugin <= 2.1 - CSV Injection vulnerability CSV Injection vulnerability found by Vishnupriya Ilango (FortiGuard Labs) in WordPress Flamingo plugin (versions <= 2.1).
Affected versions: Min -, max -.
Status: vulnerable

Apr 16, 2025

PSC, Research URL: PSC-2025-64564
Home page URL: Security reports for Flamingo
Application: Flamingo
Date: Apr 16, 2025
Research Description: When it comes to handling communication on WordPress websites, Contact Form 7 is one of the most popular plugins for form submissions. However, it doesn’t store messages by default. This is where Flamingo steps in—a reliable message storage plugin that captures all submissions directly into the WordPress database. Whether it’s email delivery issues or server misconfigurations, Flamingo ensures no submitted message is ever lost. With version 2.5 of Flamingo successfully passing the Plugin Security Certification (PSC-2024-64564) by CleanTalk, users can now rely on not just functionality, but verified code security when storing contact form submissions. The certification guarantees that Flamingo adheres to secure coding standards and doesn’t introduce vulnerabilities into the site it’s installed on.
Affected versions: Min -, max -.
Status: SAFE & CERTIFIED