Filtered by vendor Bitapps Subscriptions
Filtered by product Bit Form Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-4774 1 Bitapps 1 Bit Form 2024-11-21 9.8 Critical
The Bit Form WordPress plugin before 1.9 does not validate the file types uploaded via it's file upload form field, allowing unauthenticated users to upload arbitrary files types such as PHP or HTML files to the server, leading to Remote Code Execution.
CVE-2024-47319 1 Bitapps 1 Bit Form 2024-10-08 8 High
Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form – Contact Form Plugin allows Code Injection.This issue affects Bit Form – Contact Form Plugin: from n/a through 2.13.10.
CVE-2024-43251 1 Bitapps 1 Bit Form 2024-09-17 6.5 Medium
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Bit Apps Bit Form Pro.This issue affects Bit Form Pro: from n/a through 2.6.4.
CVE-2024-43248 1 Bitapps 2 Bit Form, Bit Form Pro 2024-09-06 8.6 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bit Apps Bit Form Pro allows File Manipulation.This issue affects Bit Form Pro: from n/a through 2.6.4.
CVE-2024-43249 1 Bitapps 2 Bit Form, Bit Form Pro 2024-09-06 9.9 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows Command Injection.This issue affects Bit Form Pro: from n/a through 2.6.4.
CVE-2024-43250 1 Bitapps 1 Bit Form 2024-09-06 7.1 High
Incorrect Authorization vulnerability in Bit Apps Bit Form Pro bitformpro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bit Form Pro: from n/a through 2.6.4.