cleantalk
Vulnerabilities and Security Researches

Contact Form by Supsystic, CVE-2024-48042

CVE, Research URL

CVE-2024-48042

Home page URL

Security reports for Contact Form by Supsystic

Application

Contact Form by Supsystic

Published on
Oct 16, 2024
Research Description
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic Contact Form by Supsystic allows Command Injection.This issue affects Contact Form by Supsystic: from n/a through 1.7.28.
Affected versions
Min -, max 1.7.29.
Status
vulnerable
Previous vulnerability researches
Contact Form by Supsystic (CVE-2024-13452) , Apr 17, 2025
Contact Form by Supsystic (CVE-2024-48046) , Oct 18, 2024
Contact Form by Supsystic (CVE-2021-24276) , Jun 07, 2024
Contact Form by Supsystic (CVE-2023-2528) , Jun 07, 2024
Contact Form by Supsystic (CVE-2023-45068) , Jun 07, 2024
New vulnerability
WP Logger (CVE-2025-39456) , Apr 20, 2025
visualslider Sldier (CVE-2025-23448) , Apr 20, 2025
RSS Manager (CVE-2025-39418) , Apr 20, 2025
Contact Form vCard Generator (CVE-2025-39521) , Apr 20, 2025
AdminQuickbar (CVE-2025-39464) , Apr 20, 2025