Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder

Vulnerabilities 21Slug bit-formLatest version 2.22.2WordPress.org →

Minimum safe version

2.21.11

Update to 2.21.11 or later to address 21 fixable vulnerabilities

Latest available2.22.2 ✓

High 7.6

2026-02-19< 2.21.11

CVE-2026-25418

CVE Wordfence

Medium 6.5

2026-01-07< 2.21.7

CVE-2025-14901

CVE Wordfence

Critical 9.8

2025-08-15< 2.20.4

Contact Form by Bit Form - Bit Form <= 2.20.3 - Unauthenticated Arbitrary File Upload

EUVD Wordfence CVE

Medium 5.3

2025-07-02< 2.17.6

CVE-2024-13451

CVE EUVD Wordfence

Medium 4.9

2025-04-25< 2.18.4

Contact Form by Bit Form <= 2.18.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

EUVD Wordfence CVE

Medium 4.7

2025-03-27< 2.18.1

CVE-2025-30885

CVE Wordfence EUVD

Low 3.8

2025-01-25< 2.17.5

CVE-2024-13450

CVE EUVD Wordfence

Medium 4.3

2024-12-25< 2.17.4

CVE-2024-12190

CVE Wordfence Patchstack

Medium 4.9

2024-10-11< 2.15.3

CVE-2024-9507

CVE Patchstack Wordfence

High 8.0

2024-10-05< 2.13.11

CVE-2024-47319

CVE Patchstack Wordfence

High 7.6

2024-10-07< 2.13.12

CVE-2024-47335

CVE Patchstack Wordfence

High 7.1

2024-10-06< 2.13.11

CVE-2024-47301

CVE Patchstack Wordfence

High 7.2

2024-08-20< 2.13.10

CVE-2024-7780

CVE Wordfence

Medium 4.8

2024-08-20< 2.13.10

CVE-2024-7775

CVE Patchstack Wordfence

High 7.2

2024-08-20< 2.13.10

CVE-2024-7702

CVE Patchstack Wordfence

Medium 6.5

2024-08-20< 2.13.5

CVE-2024-7782

CVE Patchstack Wordfence

Critical 9.0

2024-08-20< 2.13.10

CVE-2024-7777

CVE Patchstack Wordfence

High 7.2

2024-07-09< 2.13.4

CVE-2024-6123

CVE Patchstack Wordfence

Medium 5.3

2024-03-13< 2.10.2

CVE-2024-1640

CVE Wordfence Patchstack WPScan

Medium 4.8

2023-08-14< 2.2.0

CVE-2023-3645

CVE Patchstack Wordfence WPScan

Critical 9.8

2023-05-15< 1.9

CVE-2022-4774

CVE Patchstack Wordfence WPScan