PT-2026-27902 · WordPress · Wpforms Contact Form
Published
2026-03-25
·
Updated
2026-03-30
·
CVE-2026-25339
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Contact Form by WPForms versions n/a through 1.9.8.7
Description
A flaw exists in Contact Form by WPForms that allows retrieval of embedded sensitive data due to insertion of sensitive information into sent data. This issue impacts the way data is handled within the contact form, potentially exposing confidential information.
Recommendations
Update Contact Form by WPForms to a version newer than 1.9.8.7.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wpforms Contact Form