WordPress Plugin Vulnerabilities

Easy Contact Form Lite <= 1.0.7 - SQL Injection

Description

The easy-contact-form-lite WordPress plugin was affected by a SQL Injection security vulnerability.

Affects Plugins

Plugin icon
easy-contact-form-lite
No known fix

References

Exploitdb
17680

Classification

Type
SQLI
OWASP top 10
A1: Injection
CWE
CWE-89

Miscellaneous

Verified
No
WPVDB ID
a1682f6a-7270-462f-9308-ecffafb80e24

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2023-01-12
Title
Survey Maker < 3.1.2 - Subscriber+ SQLi
Published
2025-09-26
Title
LambertGroup - AllInOne - Banner with Thumbnails <= 3.8 - Authenticated (Contributor+) SQL Injection
Published
2025-01-31
Title
MultiLoca - WooCommerce Multi Locations Inventory Management < 4.1.12 - Authenticated (Subscriber+) SQL Injection
Published
2024-04-29
Title
School Management Pro <= 10.3.4 - Authenticated (School Admin+) SQL Injection
Published
2017-04-10
Title
Calendar by WD <= 1.5.51 - Authenticated Blind SQL Injection