cleantalk
Vulnerabilities and Security Researches

Simple Basic Contact Form, CVE-2024-4144

CVE, Research URL

CVE-2024-4144

Home page URL

Security reports for Simple Basic Contact Form

Application

Simple Basic Contact Form

Published on
May 14, 2024
Research Description
The Simple Basic Contact Form plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 20240502. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends on the functionality of other plugins installed in the environment.
Affected versions
Min -, max 20240511.
Status
vulnerable
Previous vulnerability researches
Simple Basic Contact Form (CVE-2022-4226) , Jun 07, 2024
Simple Basic Contact Form (CVE-2024-4150) , Jun 07, 2024
Simple Basic Contact Form (CVE-2024-4144) , Jun 07, 2024
Simple Basic Contact Form (CVE-2024-12716) , May 17, 2025
New vulnerability
Podlove Podcast Publisher (CVE-2024-13730) , May 17, 2025
Podlove Podcast Publisher (CVE-2024-13729) , May 17, 2025
VikBooking Hotel Booking Engine & PMS (CVE-2024-13616) , May 17, 2025
WP2LEADS | WordPress und KlickTipp einfach verbinden – WooCommerce und KlickTipp einfach verbinden (CVE-2025-32922) , May 17, 2025
Posts per Cat [Unmaintained] (CVE-2025-4169) , May 17, 2025