WordPress Plugin Vulnerabilities

bigcontact - SQLI

Description

The BigContact Contact Page WordPress plugin was affected by a SQLI security vulnerability.

Affects Plugins

Plugin icon
bigcontact
Fixed in 1.4.7

References

URL
https://plugins.trac.wordpress.org/changeset/689798

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
4ef13bf8-8a7c-4d58-81ab-ae6ee1a04775

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2025-04-25
Title
Absolute Links <= 1.1.1 - Authenticated (Administrator+) SQL Injection
Published
2026-02-07
Title
Fox LMS < 1.0.6.4 - Authenticated (Contributor+) SQL Injection
Published
2024-11-08
Title
L Squared Hub WP <= 1.0 - Authenticated (Contributor+) SQL Injection
Published
2025-11-11
Title
DB Access <= 0.8.7 - Subscriber+ SQLi
Published
2021-07-15
Title
WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection