Fuente base de datos: Wordfence Intelligence

Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder <= 2.17.3 - Missing Authorization to Authenticated (Subscriber+) Form Submission Disclosure

PLUGIN MEDIUM CVE-2024-12190

Fuente base: Wordfence Intelligence. Contenido enriquecido por IA con revisión editorial interna.

Vulnerabilidades relacionadas

MEDIUM PLUGIN

bit-form

Bit Form <= 2.21.10 - Authenticated (Administrator+) SQL Injection

MEDIUM PLUGIN

bit-form

Bit Form – Contact Form Plugin <= 2.21.6 - Missing Authorization to Unauthenticated Workflow Replay

CRITICAL PLUGIN

bit-form

Contact Form by Bit Form - Bit Form <= 2.20.3 - Unauthenticated Arbitrary File Upload

MEDIUM PLUGIN

bit-form

Contact Form by Bit Form <= 2.17.5 - Unauthenticated Sensitive Information Exposure

MEDIUM PLUGIN

bit-form

Contact Form by Bit Form <= 2.18.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

HIGH PLUGIN

bit-form

Bit Form – Contact Form Plugin <= 2.18.0 - Open Redirect

LOW PLUGIN

bit-form

Contact Form by Bit Form <= 2.17.4 - Authenticated (Administrator+) Server-Side Request Forgery

MEDIUM PLUGIN

bit-form

Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder <= 2.15.2 - Authenticated (Administrator+) Improper Input Validation via iconUpload Function to Arbitrary File Read

¿Tu WordPress podría estar expuesto?

Comprueba si tu web tiene esta vulnerabilidad

Nuestro analizador detecta plugins desactualizados, brechas de seguridad activas y vulnerabilidades conocidas en menos de 2 minutos, de forma gratuita.

Hacer el análisis gratis

Protección profesional para tu WordPress

¿Necesitas ayuda de un experto?

Nuestro servicio de mantenimiento y seguridad WordPress gestiona actualizaciones, parchea vulnerabilidades y monitoriza tu web de forma continua.

Hablar con un experto