WCP Contact Form

Wordfence Intelligence > Vulnerability Database > WordPress Plugins > WCP Contact Form

Information

Software Type	Plugin
Software Slug	wcp-contact-form (view on wordpress.org)
Software Status	Removed
Software Author	webcodin
Software Website	wordpress.org
Software Downloads	96,827
Software Active Installs	3,000
Software Record Last Updated	September 28, 2023

3 vulnerabilities

WCP Contact Form <= 3.1.0 - Missing Authorization

5.4

CVE-2023-32519

May 10, 2023

Researcher: thiennv

WCP Contact Form <= 3.1.0 - Missing Authorization via downloadCsv

5.3

CVE-2023-32520

May 10, 2023

Researcher: thiennv

WCP Contact Form <= 3.1.0 - Reflected Cross-Site Scripting via tab parameter

6.1

CVE-2023-22703

Apr 19, 2023

Researcher: Le Ngoc Anh

Title	CVE ID	CVSS	Researchers	Date
WCP Contact Form <= 3.1.0 - Missing Authorization	CVE-2023-32519	5.4	thiennv	May 10, 2023
WCP Contact Form <= 3.1.0 - Missing Authorization via downloadCsv	CVE-2023-32520	5.3	thiennv	May 10, 2023
WCP Contact Form <= 3.1.0 - Reflected Cross-Site Scripting via tab parameter	CVE-2023-22703	6.1	Le Ngoc Anh	April 19, 2023

All the threat data shared in this database is powered by Wordfence Intelligence Enterprise.
Interested in integrating this data into your platform or network?
Contact us now to discuss API access to our Wordfence Intelligence Enterprise Data Feeds.

Inquire Now

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation