cleantalk
Vulnerabilities and Security Researches

Simple Contact Forms, CVE-2025-31615

CVE, Research URL

CVE-2025-31615

Home page URL

Security reports for Simple Contact Forms

Application

Simple Contact Forms

Published on
Mar 31, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in owenr88 Simple Contact Forms allows Stored XSS. This issue affects Simple Contact Forms: from n/a through 1.6.4.
Affected versions
max 1.6.4.
Status
vulnerable
Previous vulnerability researches
Simple Contact Forms (CVE-2025-31615) , Apr 02, 2025
Simple Contact Forms (CVE-2025-60197) , Nov 11, 2025
New vulnerability
One Page Express Companion (CVE-2025-62052) , Nov 11, 2025
Boldermail – Email Marketing and Newsletters for WordPress (CVE-2025-52740) , Nov 11, 2025
Block Country (CVE-2025-48077) , Nov 11, 2025
Attesa Extra (CVE-2025-62971) , Nov 11, 2025
Content Locker for Elementor (CVE-2025-10896) , Nov 11, 2025