High severity7.6NVD Advisory· Published Nov 4, 2023· Updated Apr 29, 2026

CVE-2023-32741

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions PVT LTD Contact Form to Any API allows SQL Injection.This issue affects Contact Form to Any API: from n/a through 1.1.2.

Affected products

Itpathsolutions/Contact Form To Any API
cpe:2.3:a:itpathsolutions:contact_form_to_any_api:*:*:*:*:*:wordpress:*:*
Range: <=1.1.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

patchstack.com/database/vulnerability/contact-form-to-any-api/wordpress-contact-form-to-any-api-plugin-1-1-2-sql-injection-vulnerabilitynvdThird Party Advisory
packetstormsecurity.com/files/175654/WordPress-Contact-Form-To-Any-API-1.1.2-SQL-Injection.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.494
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000