Lead Form Builder & Contact Form

Vulnerabilities 14Slug lead-form-builderLatest version 2.1.3WordPress.org →

Minimum safe version

2.0.2

Update to 2.0.2 or later to address 14 fixable vulnerabilities

Latest available2.1.3 ✓

N/A

2026-03-10< 2.0.2

Responsive Contact Form Builder & Lead Generation Plugin <= 2.0.1 - Unauthenticated Stored Cross-Site Scripting

Wordfence CVE

High 7.1

2026-03-25< 2.0.2

CVE-2026-32532

CVE Wordfence

Medium 6.5

2026-01-22< 2.0.2

CVE-2025-68046

CVE Wordfence

Medium 4.8

2025-05-17< 1.9.8

WordPress Contact Form & Lead Form Elementor Builder Plugin < 1.9.8 is vulnerable to Cross Site Scripting (XSS)

Patchstack CVE EUVD Wordfence

Medium 5.4

2024-05-23< 1.9.2

WordPress Contact Form & Lead Form Elementor Builder Plugin <= 1.9.1 is vulnerable to Content Injection

Patchstack CVE Wordfence

Medium 6.1

2024-05-03< 1.9.8

CVE-2024-3637

CVE Patchstack Wordfence

Medium 4.3

2024-05-02< 1.9.0

CVE-2024-1415

CVE Patchstack Wordfence

Medium 4.3

2024-05-02< 1.9.0

CVE-2024-1416

CVE Patchstack Wordfence

N/A

2023-06-27< 1.8.5

WordPress Contact Form & Lead Form Elementor Builder Plugin <= 1.8.4 is vulnerable to Broken Access Control

Patchstack Wordfence CVE

N/A

< 1.6.8

Contact Form & Lead Form Elementor Builder < 1.6.8 - Subscriber+ Arbitrary Lead Deletion

WPScan

N/A

2021-12-22< 1.6.8

WordPress Contact Form & Lead Form Elementor Builder plugin <= 1.6.7 - Arbitrary Lead Deletion vulnerability

Patchstack

Medium 4.8

2024-01-16< 1.7.0

CVE-2022-23179

CVE Patchstack Wordfence WPScan

Medium 4.3

2024-01-16< 1.7.4

CVE-2022-23180

CVE Patchstack Wordfence WPScan

Medium 6.1

2021-12-27< 1.6.4

CVE-2021-24967

CVE Patchstack Wordfence WPScan