Vulnerabilities and security researches forsimple-contact-forms simple-contact-forms

Nov 11, 2025

CVE, Research URL: CVE-2025-60197
Home page URL: Security reports for Simple Contact Forms
Application: Simple Contact Forms
Date: Nov 06, 2025
Research Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in owenr88 Simple Contact Forms simple-contact-forms allows PHP Local File Inclusion.This issue affects Simple Contact Forms: from n/a through <= 1.6.4.
Affected versions: max 1.6.4.
Status: vulnerable

Apr 02, 2025

CVE, Research URL: CVE-2025-31615
Home page URL: Security reports for Simple Contact Forms
Application: Simple Contact Forms
Date: Mar 31, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in owenr88 Simple Contact Forms allows Stored XSS. This issue affects Simple Contact Forms: from n/a through 1.6.4.
Affected versions: max 1.6.4.
Status: vulnerable