cleantalk
Vulnerabilities and Security Researches

Responsive Contact Form Builder & Lead Generation Plugin, CVE-2021-24967

CVE, Research URL

CVE-2021-24967

Home page URL

Security reports for Responsive Contact Form Builder & Lead Generation Plugin

Application

Responsive Contact Form Builder & Lead Generation Plugin

Published on
Dec 27, 2021
Research Description
The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.6.4 does not sanitise and escape some lead values, which could allow unauthenticated users to perform Cross-Site Scripting attacks against logged in admin viewing the inserted Leads
Affected versions
Min -, max 1.6.4.
Status
vulnerable
Previous vulnerability researches
Responsive Contact Form Builder & Lead Generation Plugin (CVE-2022-23180) , Jun 07, 2024
Responsive Contact Form Builder & Lead Generation Plugin (CVE-2022-23179) , Jun 07, 2024
Responsive Contact Form Builder & Lead Generation Plugin (CVE-2024-3637) , Jun 07, 2024
Responsive Contact Form Builder & Lead Generation Plugin (CVE-2024-1416) , Jun 07, 2024
Responsive Contact Form Builder & Lead Generation Plugin (CVE-2024-1415) , Jun 07, 2024
New vulnerability
Dot html,php,xml etc pages (CVE-2025-48112) , May 18, 2025
Sharespine Woocommerce Connector (CVE-2025-48128) , May 18, 2025
Wishlist (CVE-2025-31063) , May 18, 2025
Wishlist (CVE-2025-31062) , May 18, 2025
WP-Members Membership Plugin (CVE-2025-4610) , May 18, 2025