Contact Form by Supsystic

Vulnerabilities 15Slug contact-form-by-supsysticLatest version 1.8.0WordPress.org →

Minimum safe version

1.8.0

Update to 1.8.0 or later to address 15 fixable vulnerabilities

Latest available1.8.0 ✓

N/A

2026-03-30< 1.8.0

Contact Form by Supsystic <= 1.7.36 - Unauthenticated Server-Side Template Injection via Prefill Functionality

Wordfence CVE

High 7.1

2025-10-22< 1.8.0

CVE-2025-52753

CVE Wordfence

Medium 6.1

2025-04-16< 1.7.30

CVE-2024-13452

CVE EUVD Patchstack Wordfence

Medium 5.9

2024-10-17< 1.7.29

CVE-2024-48046

CVE Patchstack Wordfence

Critical 9.1

2024-10-16< 1.7.29

CVE-2024-48042

CVE Patchstack Wordfence

Medium 5.4

2023-10-12< 1.7.28

CVE-2023-45068

CVE Patchstack Wordfence WPScan

High 8.8

2023-05-16< 1.7.25

CVE-2023-2528

CVE Wordfence Patchstack WPScan

N/A

2021-02-08< 1.7.11

Contact Form by Supsystic <= 1.7.10 - SQL Injections

Wordfence

N/A

2021-10-28< 1.7.20

Contact Form by Supsystic < 1.7.20 - Authenticated (Admin+) Stored Cross-Site Scripting

Wordfence

N/A

< 1.7.7

Contact Form by Supsystic < 1.7.7 - Authenticated Stored Cross-Site Scripting (XSS)

WPScan

N/A

< 1.7.11

Contact Form by Supsystic < 1.7.11 - Authenticated SQL Injections

WPScan

N/A

< 1.7.20

Contact Form by Supsystic < 1.7.20 - Admin+ Stored Cross-Site Scripting

WPScan

N/A

2021-02-08< 1.7.7

WordPress Contact Form by Supsystic plugin <= 1.7.5 - Stored Cross-Site Scripting (XSS) vulnerability

Patchstack

N/A

2021-02-08< 1.7.7

WordPress Contact Form by Supsystic plugin <= 1.7.5 - SQL injection (SQLi) vulnerability

Patchstack

Medium 6.1

2021-05-05< 1.7.15

CVE-2021-24276

CVE Patchstack Wordfence WPScan