Medium 6.5
2026-03-25< 1.3.64
CVE-2026-32483
Contact Form Email
Minimum safe version
1.3.64
Update to 1.3.64 or later to address 22 fixable vulnerabilities
Latest available1.3.66 ✓
Medium 6.5
2025-12-18< 1.3.61
CVE-2025-10019
Medium 6.5
2025-11-15< 1.3.59
Contact Form Email <= 1.3.58 - Missing Authorization
Medium 5.9
2025-01-24< 1.3.53
CVE-2025-24727
Medium 5.3
2024-04-10< 1.3.45
CVE-2024-31302
Medium 4.8
2024-12-19< 1.3.44
WordPress Contact Form Email Plugin < 1.3.44 is vulnerable to Cross Site Scripting (XSS)
Medium 5.3
2024-06-04< 1.3.42
CVE-2023-48318
Medium 5.4
2023-06-22< 1.3.38
WordPress Contact Form Email Plugin < 1.3.38 is vulnerable to Cross Site Scripting (XSS)
Medium 4.3
2024-06-04< 1.3.32
CVE-2023-28494
N/A
2023-03-21< 1.3.32
Contact Form Email <= 1.3.31 - Cross-Site Request Forgery to Feedback Submission
N/A
2014-11-22< 1.0.1
Contact Form Email < 1.0.1 - Cross-Site Scripting
N/A
2015-05-13< 1.3.12
Contact Form Email <= 1.3.11 - Cross-Site Request Forgery to Cross-Site Scripting
N/A
2016-07-24< 1.1.48
Contact Form Email < 1.1.48 - Reflected Cross-Site Scripting
N/A
< 1.1.5
wpscan.com
N/A
< 1.1.48
Contact Form to Email <= 1.1.47 - Authenticated Reflected Cross-Site Scripting (XSS)
N/A
2015-05-13< 1.1.5
WordPress Contact Form To Email Plugin <= 1.1.4 - Multiple Vulnerabilities
N/A
2015-05-13< 1.1.5
WordPress Contact Form To Email Plugin <= 1.1.4 - Multiple Vulnerabilities
N/A
2016-07-24< 1.1.48
WordPress Contact Form To Email Plugin <= 1.1.47 - Cross Site Scripting
Medium 6.1
2019-03-12< 1.2.66
WordPress Contact Form Email plugin <= 1.2.65 - Cross-Site Scripting (XSS) vulnerability
High 8.8
2019-08-13< 1.2.66
CVE-2018-20964
Medium 6.1
2019-08-13< 1.2.66
CVE-2018-20963
Medium 4.8
2021-11-17< 1.3.25
CVE-2021-42361