VYPR
Vendor

Contactlistpro

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2026-3516MedMar 21, 2026
    risk 0.35cvss 6.4epss 0.00

    The Contact List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_cl_map_iframe' parameter in all versions up to, and including, 3.0.18. This is due to insufficient input sanitization and output escaping when handling the Google Maps iframe custom…

  • CVE-2024-34821MedJun 11, 2024
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in Anssi Laitila Contact List contact-list.This issue affects Contact List: from n/a through <= 2.9.87.