Creative-Solutions Creative Contact Form vulnerabilities
3 known vulnerabilities affecting creative-solutions/creative_contact_form.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2014-8739P1CRITICALCVSS 9.8ExploitedPoCfixed in 1.0.0fixed in 2.0.12020-02-08
CVE-2014-8739 [CRITICAL] CWE-434 CVE-2014-8739: Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plu
Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form (formerly Sexy Contact Form) before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to execute arbitrary code by uploading a PHP file with an PHP e
nvd
CVE-2020-9364P4MEDIUMCVSS 5.3v4.6.22020-03-04
CVE-2020-9364 [MEDIUM] CWE-22 CVE-2020-9364: An issue was discovered in helpers/mailer.php in the Creative Contact Form extension 4.6.2 before 20
An issue was discovered in helpers/mailer.php in the Creative Contact Form extension 4.6.2 before 2019-12-03 for Joomla!. A directory traversal vulnerability resides in the filename field for uploaded attachments via the creativecontactform_upload parameter. An attacker could exploit this vulnerability with the "Send me a copy" option to receive any fi
nvd
CVE-2025-52794P4HIGHCVSS 7.1≤ 1.0.02025-06-20
CVE-2025-52794 [HIGH] CWE-352 CVE-2025-52794: Cross-Site Request Forgery (CSRF) vulnerability in Creative-Solutions Creative Contact Form sexy-con
Cross-Site Request Forgery (CSRF) vulnerability in Creative-Solutions Creative Contact Form sexy-contact-form allows Stored XSS.This issue affects Creative Contact Form: from n/a through <= 1.0.0.
nvd