cleantalk
Vulnerabilities and Security Researches

WordPress Contact Forms by Cimatti, CVE-2023-28789

CVE, Research URL

CVE-2023-28789

Home page URL

Security reports for WordPress Contact Forms by Cimatti

Application

WordPress Contact Forms by Cimatti

Published on
Apr 07, 2023
Research Description
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin <= 1.5.4 versions.
Affected versions
max 1.5.5.
Status
vulnerable
Previous vulnerability researches
Simple Contact Forms (CVE-2025-31615) , Apr 02, 2025
Simple Contact Forms (CVE-2025-60197) , Nov 11, 2025
WordPress Contact Forms by Cimatti (CVE-2025-49069) , Jun 14, 2025
WordPress Contact Forms by Cimatti (2d669501ada3e5144b1df53e139e197bdea2364f) , Jun 16, 2026
WordPress Contact Forms by Cimatti (CVE-2024-12184) , Feb 02, 2025
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026