VYPR

Contact Form & SMTP

by WordPress

CVEs (2)

  • CVE-2024-11273MedMar 25, 2025
    risk 0.40cvss 6.1epss 0.00

    The Contact Form & SMTP Plugin for WordPress by PirateForms WordPress plugin before 2.6.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html…

  • CVE-2024-11272MedMar 25, 2025
    risk 0.40cvss 6.1epss 0.00

    The Contact Form & SMTP Plugin for WordPress by PirateForms WordPress plugin before 2.6.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html…