Quick Contact Form

Vulnerabilities 16Slug quick-contact-formLatest version 8.2.7WordPress.org →

Minimum safe version

8.2.7

Update to 8.2.7 or later to address 16 fixable vulnerabilities

Latest available8.2.7 ✓

Medium 5.8

2026-01-17< 8.2.7

CVE-2025-12718

CVE EUVD Wordfence

Medium 4.3

2025-12-09< 8.2.6

CVE-2025-67471

CVE Wordfence

N/A

2025-05-29< 8.2.2

WordPress Quick Contact Form Plugin <= 8.2.1 is vulnerable to Cross Site Scripting (XSS)

Patchstack Wordfence CVE

Medium 6.3

2024-10-16< 8.0.2

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE

N/A

< 6.1

Quick Contact Form 6.0 - Stored XSS

WPScan

N/A

< 6.3

Quick Contact Form 6.2 - Unspecified XSS

WPScan

N/A

2023-07-18< 8.0.6.8

WordPress Quick Contact Form Plugin < 8.0.6.8 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

Medium 5.9

2023-04-25< 8.0.4

CVE-2022-47608

CVE Wordfence Patchstack WPScan

Medium 6.5

2023-04-07< 8.0.4

CVE-2023-23885

CVE Patchstack Wordfence WPScan

Medium 6.5

2024-12-09< 8.0.4

CVE-2023-25035

CVE Patchstack Wordfence

N/A

2013-10-06< 6.1

Quick Contact Form < 6.1 - Cross-Site Scripting

Wordfence

N/A

2022-03-04< 8.0.2

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence

N/A

2013-10-08< 6.1

WordPress Quick Contact Form Plugin 6.0 - Persistent XSS

Patchstack

N/A

2015-05-15< 6.3

WordPress Quick Contact Form Plugin <= 6.2 - Cross Site Scripting

Patchstack

N/A

2022-02-28< 8.0.2

WordPress Quick Contact Form plugin < 8.0.2 - Sensitive Information Disclosure vulnerability

Patchstack

N/A

2022-02-28< 8.0.2

WordPress Quick Contact Form plugin < 8.0.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack