Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

ajax_contact_form

Source -

ADP

CNA CVEs -

0

ADP CVEs -

1

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2024-5808
Assigner-WPScan
ShareView Details
Assigner-WPScan
CVSS Score-4.3||MEDIUM
EPSS-0.05% / 14.93%
||
7 Day CHG~0.00%
Published-30 Jul, 2024 | 06:00
Updated-28 May, 2025 | 00:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WP Ajax Contact Form <= 2.2.2 - Arbitrary Email Deletion via CSRF

The WP Ajax Contact Form WordPress plugin through 2.2.2 does not have CSRF check in place when deleting emails from the email list, which could allow attackers to make a logged in admin perform such action via a CSRF attack

Action-Not Available
Vendor-masdiblogsUnknownolaf_lederer
Product-wp_ajax_contact_formWP Ajax Contact Formajax_contact_form
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)