Search
Find a vulnerability
Search criteria
46 vulnerabilities by bitpressadmin
CVE-2026-11989 (GCVE-0-2026-11989)
Vulnerability from nvd – Published: 2026-06-19 04:31 – Updated: 2026-06-23 20:45
VLAI
Title
Bit integrations <= 2.8.7 - Unauthenticated Server-Side Request Forgery via Form Field Upload Mapping
Summary
The Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.7 via the upload_attachment. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Exploitation requires a form integration to be configured with a field mapped to a WooCommerce product image, product gallery, downloadable files, or Google Contacts attachment field, which is a default use case for these integrations.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
10 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation |
Affected:
0 , ≤ 2.8.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-11989",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T20:45:42.275240Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T20:45:53.492Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit integrations \u2013 Form Integration, Webhook, Spreadsheets, CRM, LMS \u0026 Email Automation",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.8.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chris Peterson"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bit integrations \u2013 Form Integration, Webhook, Spreadsheets, CRM, LMS \u0026 Email Automation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.7 via the upload_attachment. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Exploitation requires a form integration to be configured with a field mapped to a WooCommerce product image, product gallery, downloadable files, or Google Contacts attachment field, which is a default use case for these integrations."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-19T04:31:33.792Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bdf8d5c2-dbb1-47d5-b858-da6f6e1989f4?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.7/backend/Actions/WooCommerce/RecordApiHelper.php#L631"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.7/backend/Actions/GoogleContacts/RecordApiHelper.php#L139"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.7/backend/Actions/WooCommerce/RecordApiHelper.php#L584"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.7/backend/Actions/GoogleContacts/RecordApiHelper.php#L168"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.2/backend/Actions/WooCommerce/RecordApiHelper.php#L631"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.2/backend/Actions/GoogleContacts/RecordApiHelper.php#L139"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.2/backend/Actions/WooCommerce/RecordApiHelper.php#L584"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.2/backend/Actions/GoogleContacts/RecordApiHelper.php#L168"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3571608%40bit-integrations\u0026new=3571608%40bit-integrations\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-11T14:45:34.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-06-18T15:58:38.000Z",
"value": "Disclosed"
}
],
"title": "Bit integrations \u003c= 2.8.7 - Unauthenticated Server-Side Request Forgery via Form Field Upload Mapping"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-11989",
"datePublished": "2026-06-19T04:31:33.792Z",
"dateReserved": "2026-06-11T14:30:23.613Z",
"dateUpdated": "2026-06-23T20:45:53.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25418 (GCVE-0-2026-25418)
Vulnerability from nvd – Published: 2026-02-19 08:27 – Updated: 2026-04-28 16:14
VLAI
Title
WordPress Bit Form plugin <= 2.21.10 - SQL Injection vulnerability
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bit Apps Bit Form bit-form allows SQL Injection.This issue affects Bit Form: from n/a through <= 2.21.10.
Severity
7.6 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
Date Public
2026-04-01 16:05
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-19T18:34:14.212704Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T13:24:59.625Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "bit-form",
"product": "Bit Form",
"vendor": "Bit Apps",
"versions": [
{
"changes": [
{
"at": "2.21.11",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.21.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tr\u01b0\u01a1ng H\u1eefu Ph\u00fac (truonghuuphuc) | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:05:09.603Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Bit Apps Bit Form bit-form allows SQL Injection.\u003cp\u003eThis issue affects Bit Form: from n/a through \u003c= 2.21.10.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Bit Apps Bit Form bit-form allows SQL Injection.This issue affects Bit Form: from n/a through \u003c= 2.21.10."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:14:58.487Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/bit-form/vulnerability/wordpress-bit-form-plugin-2-21-10-sql-injection-vulnerability?_s_id=cve"
}
],
"title": "WordPress Bit Form plugin \u003c= 2.21.10 - SQL Injection vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-25418",
"datePublished": "2026-02-19T08:27:06.644Z",
"dateReserved": "2026-02-02T12:53:26.262Z",
"dateUpdated": "2026-04-28T16:14:58.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14901 (GCVE-0-2025-14901)
Vulnerability from nvd – Published: 2026-01-07 06:35 – Updated: 2026-04-08 16:33
VLAI
Title
Bit Form – Contact Form Plugin <= 2.21.6 - Missing Authorization to Unauthenticated Workflow Replay
Summary
The Bit Form – Contact Form Plugin plugin for WordPress is vulnerable to unauthorized workflow execution due to missing authorization in the triggerWorkFlow function in all versions up to, and including, 2.21.6. This is due to a logic flaw in the nonce verification where the security check only blocks requests when both the nonce verification fails and the user is logged in. This makes it possible for unauthenticated attackers to replay form workflow executions and trigger all configured integrations including webhooks, email notifications, CRM integrations, and automation platforms via the bitforms_trigger_workflow AJAX action granted they can obtain the entry ID and log IDs from a legitimate form submission response.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.21.6
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14901",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-07T14:52:47.173907Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T16:14:30.203Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.21.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "andrea bocchetti"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bit Form \u2013 Contact Form Plugin plugin for WordPress is vulnerable to unauthorized workflow execution due to missing authorization in the triggerWorkFlow function in all versions up to, and including, 2.21.6. This is due to a logic flaw in the nonce verification where the security check only blocks requests when both the nonce verification fails and the user is logged in. This makes it possible for unauthenticated attackers to replay form workflow executions and trigger all configured integrations including webhooks, email notifications, CRM integrations, and automation platforms via the bitforms_trigger_workflow AJAX action granted they can obtain the entry ID and log IDs from a legitimate form submission response."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:33:04.061Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0402e4a6-73ba-49e6-bf80-997ac83b4cfe?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/tags/2.21.6/includes/Frontend/Ajax/FrontendAjax.php#L146"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/tags/2.21.6/includes/Frontend/Ajax/FrontendAjax.php#L30"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3429172%40bit-form%2Ftrunk\u0026old=3420966%40bit-form%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file827"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-18T16:48:55.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-01-06T17:34:11.000Z",
"value": "Disclosed"
}
],
"title": "Bit Form \u2013 Contact Form Plugin \u003c= 2.21.6 - Missing Authorization to Unauthenticated Workflow Replay"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-14901",
"datePublished": "2026-01-07T06:35:57.705Z",
"dateReserved": "2025-12-18T16:33:20.699Z",
"dateUpdated": "2026-04-08T16:33:04.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-6679 (GCVE-0-2025-6679)
Vulnerability from nvd – Published: 2025-08-15 06:40 – Updated: 2026-04-08 16:59
VLAI
Title
Contact Form by Bit Form - Bit Form <= 2.20.3 - Unauthenticated Arbitrary File Upload
Summary
The Bit Form builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 2.20.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. For this to be exploitable, the PRO version needs to be installed and activated as well. Additionally a form with an advanced file upload element needs to be published.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.20.3
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6679",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-15T12:05:16.311145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-15T12:05:26.986Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.20.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nguyen Tan Phat"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bit Form builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 2.20.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible. For this to be exploitable, the PRO version needs to be installed and activated as well. Additionally a form with an advanced file upload element needs to be published."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:59:38.425Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6e2e294f-904b-4674-8baf-d3a9a260d634?source=cve"
},
{
"url": "https://wordpress.org/plugins/bit-form/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3343461%40bit-form%2Ftrunk\u0026old=3336733%40bit-form%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-29T16:27:28.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-08-14T18:09:50.000Z",
"value": "Disclosed"
}
],
"title": "Contact Form by Bit Form - Bit Form \u003c= 2.20.3 - Unauthenticated Arbitrary File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-6679",
"datePublished": "2025-08-15T06:40:42.601Z",
"dateReserved": "2025-06-25T19:36:25.214Z",
"dateUpdated": "2026-04-08T16:59:38.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13451 (GCVE-0-2024-13451)
Vulnerability from nvd – Published: 2025-07-02 05:29 – Updated: 2026-04-08 17:16
VLAI
Title
Contact Form by Bit Form <= 2.17.5 - Unauthenticated Sensitive Information Exposure
Summary
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.17.4 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This makes it possible for unauthenticated attackers to extract sensitive data including files uploaded via a form. The vulnerability was partially patched in version 2.17.5.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.17.5
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-02T13:10:30.592274Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T13:10:40.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.17.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tim Coen"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form \u0026 Custom Contact Form builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.17.4 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This makes it possible for unauthenticated attackers to extract sensitive data including files uploaded via a form. The vulnerability was partially patched in version 2.17.5."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:16:24.462Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b23bdba3-8947-47e4-b208-55e42865ab72?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Core/Util/FileHandler.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3233293/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-01T17:24:34.000Z",
"value": "Disclosed"
}
],
"title": "Contact Form by Bit Form \u003c= 2.17.5 - Unauthenticated Sensitive Information Exposure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13451",
"datePublished": "2025-07-02T05:29:18.066Z",
"dateReserved": "2025-01-16T01:36:05.668Z",
"dateUpdated": "2026-04-08T17:16:24.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1725 (GCVE-0-2025-1725)
Vulnerability from nvd – Published: 2025-06-03 08:21 – Updated: 2026-04-08 17:04
VLAI
Title
Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.7 - Authenticated (Subscriber+) Stored Cross-Site Scripting via SVG File Uploads
Summary
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
Severity
6.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | File Manager |
Affected:
0 , ≤ 6.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1725",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T13:28:33.565708Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T13:28:41.470Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "File Manager",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "6.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "TANG Cheuk Hei"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bit File Manager \u2013 100% Free \u0026 Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:04:29.307Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/84ddb481-f989-4ba8-9925-e8327c30de38?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/file-manager/tags/6.6.3/backend/app/Http/Controllers/FileManagerController.php#L112"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-25T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-06-02T20:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Bit File Manager \u2013 100% Free \u0026 Open Source File Manager and Code Editor for WordPress \u003c= 6.7 - Authenticated (Subscriber+) Stored Cross-Site Scripting via SVG File Uploads"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-1725",
"datePublished": "2025-06-03T08:21:52.457Z",
"dateReserved": "2025-02-26T17:58:14.600Z",
"dateUpdated": "2026-04-08T17:04:29.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-2580 (GCVE-0-2025-2580)
Vulnerability from nvd – Published: 2025-04-25 05:25 – Updated: 2026-04-08 16:40
VLAI
Title
Contact Form by Bit Form <= 2.18.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Summary
The Contact Form by Bit Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.18.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.18.3
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2580",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-25T19:01:01.675717Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T19:01:14.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.18.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Avraham Shemesh"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Contact Form by Bit Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.18.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:40:57.362Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1f3b5d85-a8b0-43ac-b593-a61e20b9a4ca?source=cve"
},
{
"url": "https://wordpress.org/plugins/bit-form/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3271396/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-24T16:58:42.000Z",
"value": "Disclosed"
}
],
"title": "Contact Form by Bit Form \u003c= 2.18.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-2580",
"datePublished": "2025-04-25T05:25:06.373Z",
"dateReserved": "2025-03-20T22:27:53.445Z",
"dateUpdated": "2026-04-08T16:40:57.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0822 (GCVE-0-2025-0822)
Vulnerability from nvd – Published: 2025-02-15 12:43 – Updated: 2026-04-08 17:28
VLAI
Title
Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Subscriber+) Arbitrary File Read via fileID Parameter
Summary
Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the fileID Parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist |
Affected:
0 , ≤ 1.5.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T16:41:41.787989Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T19:35:54.973Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat \u2013 Bit Assist",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "1.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arkadiusz Hydzik"
}
],
"descriptions": [
{
"lang": "en",
"value": "Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the fileID Parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:28:22.293Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/de9b0eba-5d2b-427c-a199-88bf96c26f5e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-assist/tags/1.5.2/backend/app/HTTP/Controllers/DownloadController.php#L65"
},
{
"url": "https://wordpress.org/plugins/bit-assist/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3239816/#file3"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-14T23:52:04.000Z",
"value": "Disclosed"
}
],
"title": "Bit Assist \u003c= 1.5.2 - Path Traversal to Authenticated (Subscriber+) Arbitrary File Read via fileID Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-0822",
"datePublished": "2025-02-15T12:43:02.986Z",
"dateReserved": "2025-01-29T01:02:46.838Z",
"dateUpdated": "2026-04-08T17:28:22.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0821 (GCVE-0-2025-0821)
Vulnerability from nvd – Published: 2025-02-14 11:10 – Updated: 2026-04-08 17:17
VLAI
Title
Bit Assist <= 1.5.2 - Authenticated (Subscriber+) SQL Injection via id Parameter
Summary
Bit Assist plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist |
Affected:
0 , ≤ 1.5.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-14T16:36:03.639855Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-14T16:36:10.755Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat \u2013 Bit Assist",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "1.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arkadiusz Hydzik"
}
],
"descriptions": [
{
"lang": "en",
"value": "Bit Assist plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018id\u2019 parameter in all versions up to, and including, 1.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:17:24.789Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b64fc9d8-ea02-49e7-add1-8d83f0f41431?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-assist/tags/1.5.2/backend/app/HTTP/Controllers/WidgetChannelController.php#L89"
},
{
"url": "https://wordpress.org/plugins/bit-assist/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3239816/#file5"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-13T22:13:48.000Z",
"value": "Disclosed"
}
],
"title": "Bit Assist \u003c= 1.5.2 - Authenticated (Subscriber+) SQL Injection via id Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-0821",
"datePublished": "2025-02-14T11:10:58.171Z",
"dateReserved": "2025-01-28T23:49:24.907Z",
"dateUpdated": "2026-04-08T17:17:24.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13791 (GCVE-0-2024-13791)
Vulnerability from nvd – Published: 2025-02-14 11:10 – Updated: 2026-04-08 16:37
VLAI
Title
Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Administrator+) Arbitrary File Read via downloadResponseFile Function
Summary
Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the downloadResponseFile() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist |
Affected:
0 , ≤ 1.5.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13791",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-14T16:42:33.130674Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-14T16:42:43.715Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat \u2013 Bit Assist",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "1.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "marco jacobs"
}
],
"descriptions": [
{
"lang": "en",
"value": "Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the downloadResponseFile() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:37:33.408Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17fd14e7-503a-49e4-9344-5f8d51801eb3?source=cve"
},
{
"url": "https://github.com/WordPressBugBounty/plugins-bit-assist/blob/main/bit-assist/backend/app/HTTP/Controllers/DownloadController.php"
},
{
"url": "https://wordpress.org/plugins/bit-assist/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3239816/#file3"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-13T22:19:23.000Z",
"value": "Disclosed"
}
],
"title": "Bit Assist \u003c= 1.5.2 - Path Traversal to Authenticated (Administrator+) Arbitrary File Read via downloadResponseFile Function"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13791",
"datePublished": "2025-02-14T11:10:57.563Z",
"dateReserved": "2025-01-29T19:56:49.186Z",
"dateUpdated": "2026-04-08T16:37:33.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13450 (GCVE-0-2024-13450)
Vulnerability from nvd – Published: 2025-01-25 08:23 – Updated: 2026-04-08 17:27
VLAI
Title
Contact Form by Bit Form <= 2.17.4 - Authenticated (Administrator+) Server-Side Request Forgery
Summary
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.17.4 via the Webhooks integration. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. The vulnerability can also be exploited in Multisite environments.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
7 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.17.4
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13450",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T15:35:14.077986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T15:35:19.178Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.17.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Francesco Carlucci"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form \u0026 Custom Contact Form builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.17.4 via the Webhooks integration. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. The vulnerability can also be exploited in Multisite environments."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:27:04.057Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d935f4c5-5d69-42d9-be22-7a44d9aa885a?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Admin/Form/AdminFormHandler.php#L1072"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Admin/Form/AdminFormHandler.php#L1312"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Core/Integration/WebHooks/WebHooksHandler.php#L51"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Core/Integration/WebHooks/WebHooksHandler.php#L96"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Core/Integration/WebHooks/WebHooksHandler.php#L190"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3227207/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-24T19:37:19.000Z",
"value": "Disclosed"
}
],
"title": "Contact Form by Bit Form \u003c= 2.17.4 - Authenticated (Administrator+) Server-Side Request Forgery"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13450",
"datePublished": "2025-01-25T08:23:15.871Z",
"dateReserved": "2025-01-16T01:06:43.819Z",
"dateUpdated": "2026-04-08T17:27:04.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-12190 (GCVE-0-2024-12190)
Vulnerability from nvd – Published: 2024-12-25 03:21 – Updated: 2026-04-08 17:24
VLAI
Title
Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder <= 2.17.3 - Missing Authorization to Authenticated (Subscriber+) Form Submission Disclosure
Summary
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the bitform-form-entry-edit endpoint in all versions up to, and including, 2.17.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view all form submissions from other users.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.17.3
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T15:15:06.092369Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T15:15:13.938Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.17.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Akbar Kustirama"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form \u0026 Custom Contact Form builder plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the bitform-form-entry-edit endpoint in all versions up to, and including, 2.17.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view all form submissions from other users."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:24:27.412Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ce9dab37-4118-4e13-857c-9aa072d25edf?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3204875/bit-form/trunk/includes/Frontend/FormEntryView.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3209668/bit-form/trunk/includes/Frontend/FormEntryView.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-24T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form \u0026 Custom Contact Form builder \u003c= 2.17.3 - Missing Authorization to Authenticated (Subscriber+) Form Submission Disclosure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-12190",
"datePublished": "2024-12-25T03:21:32.469Z",
"dateReserved": "2024-12-04T16:52:19.532Z",
"dateUpdated": "2026-04-08T17:24:27.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-9507 (GCVE-0-2024-9507)
Vulnerability from nvd – Published: 2024-10-11 07:37 – Updated: 2026-04-08 17:14
VLAI
Title
Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder <= 2.15.2 - Authenticated (Administrator+) Improper Input Validation via iconUpload Function to Arbitrary File Read
Summary
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.15.2 due to improper input validation within the iconUpload function. This makes it possible for authenticated attackers, with Administrator-level access and above, to leverage a PHP filter chain attack and read the contents of arbitrary files on the server, which can contain sensitive information.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.15.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9507",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-11T15:21:04.596698Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T15:21:23.094Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.15.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "TANG Cheuk Hei"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form \u0026 Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.15.2 due to improper input validation within the iconUpload function. This makes it possible for authenticated attackers, with Administrator-level access and above, to leverage a PHP filter chain attack and read the contents of arbitrary files on the server, which can contain sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:14:21.751Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa46842f-ed07-4f72-aedb-aa27baecd79c?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Admin/AdminAjax.php#L1210"
},
{
"url": "https://wordpress.org/plugins/bit-form/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3165686/bit-form/trunk/includes/Admin/AdminAjax.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3165686/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-10T19:11:18.000Z",
"value": "Disclosed"
}
],
"title": "Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form \u0026 Custom Contact Form builder \u003c= 2.15.2 - Authenticated (Administrator+) Improper Input Validation via iconUpload Function to Arbitrary File Read"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-9507",
"datePublished": "2024-10-11T07:37:45.931Z",
"dateReserved": "2024-10-03T22:44:15.090Z",
"dateUpdated": "2026-04-08T17:14:21.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-8743 (GCVE-0-2024-8743)
Vulnerability from nvd – Published: 2024-10-05 06:44 – Updated: 2026-04-08 16:45
VLAI
Title
Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.5.7 - Authenticated (Subscriber+) Limited JavaScript File Upload
Summary
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Limited JavaScript File Upload in all versions up to, and including, 6.5.7. This is due to a lack of proper checks on allowed file types. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted permissions by an administrator, to upload .css and .js files, which could lead to Stored Cross-Site Scripting.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | File Manager |
Affected:
0 , ≤ 6.5.7
(semver)
|
|
| bitapps | file_manager |
Affected:
0 , < 6.5.8
(semver)
cpe:2.3:a:bitapps:file_manager:*:*:*:*:*:wordpress:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:bitapps:file_manager:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "file_manager",
"vendor": "bitapps",
"versions": [
{
"lessThan": "6.5.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8743",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T15:57:45.966898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T15:57:49.035Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "File Manager",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "6.5.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "TANG Cheuk Hei"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bit File Manager \u2013 100% Free \u0026 Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Limited JavaScript File Upload in all versions up to, and including, 6.5.7. This is due to a lack of proper checks on allowed file types. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted permissions by an administrator, to upload .css and .js files, which could lead to Stored Cross-Site Scripting."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:45:05.656Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/314520d5-bd9d-46c1-b903-5e5cb3bb3417?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3161219/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-04T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Bit File Manager \u2013 100% Free \u0026 Open Source File Manager and Code Editor for WordPress \u003c= 6.5.7 - Authenticated (Subscriber+) Limited JavaScript File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-8743",
"datePublished": "2024-10-05T06:44:10.696Z",
"dateReserved": "2024-09-11T21:44:52.570Z",
"dateUpdated": "2026-04-08T16:45:05.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-7770 (GCVE-0-2024-7770)
Vulnerability from nvd – Published: 2024-09-10 10:59 – Updated: 2026-04-08 17:11
VLAI
Title
Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.5.5 - Authenticated (Subscriber+) Arbitrary File Upload
Summary
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload' function in all versions up to, and including, 6.5.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted upload permissions by an administrator, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
6 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | File Manager |
Affected:
0 , ≤ 6.5.5
(semver)
|
|
| bitpressadmin | bit_file_manager_wordpress |
Affected:
0 , ≤ 6.5.5
(semver)
cpe:2.3:a:bitpressadmin:bit_file_manager_wordpress:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:bitpressadmin:bit_file_manager_wordpress:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bit_file_manager_wordpress",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "6.5.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7770",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:22:42.916828Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:25:39.611Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "File Manager",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "6.5.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "TANG Cheuk Hei"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bit File Manager \u2013 100% Free \u0026 Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the \u0027upload\u0027 function in all versions up to, and including, 6.5.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted upload permissions by an administrator, to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:11:28.275Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9cae7702-e531-45b9-9131-42edbc073a07?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/file-manager/trunk/backend/app/Http/Controllers/FileManagerController.php#L26"
},
{
"url": "https://plugins.trac.wordpress.org/browser/file-manager/trunk/libs/elFinder/php/elFinderConnector.class.php#L160"
},
{
"url": "https://plugins.trac.wordpress.org/browser/file-manager/trunk/libs/elFinder/php/elFinder.class.php#L1210"
},
{
"url": "https://plugins.trac.wordpress.org/browser/file-manager/trunk/libs/elFinder/php/elFinder.class.php#L3257"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3138710/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-09T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Bit File Manager \u2013 100% Free \u0026 Open Source File Manager and Code Editor for WordPress \u003c= 6.5.5 - Authenticated (Subscriber+) Arbitrary File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-7770",
"datePublished": "2024-09-10T10:59:05.034Z",
"dateReserved": "2024-08-13T19:11:05.331Z",
"dateUpdated": "2026-04-08T17:11:28.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-11989 (GCVE-0-2026-11989)
Vulnerability from cvelistv5 – Published: 2026-06-19 04:31 – Updated: 2026-06-23 20:45
VLAI
Title
Bit integrations <= 2.8.7 - Unauthenticated Server-Side Request Forgery via Form Field Upload Mapping
Summary
The Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.7 via the upload_attachment. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Exploitation requires a form integration to be configured with a field mapped to a WooCommerce product image, product gallery, downloadable files, or Google Contacts attachment field, which is a default use case for these integrations.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
10 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit integrations – Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation |
Affected:
0 , ≤ 2.8.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-11989",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-23T20:45:42.275240Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-23T20:45:53.492Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit integrations \u2013 Form Integration, Webhook, Spreadsheets, CRM, LMS \u0026 Email Automation",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.8.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chris Peterson"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bit integrations \u2013 Form Integration, Webhook, Spreadsheets, CRM, LMS \u0026 Email Automation plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.8.7 via the upload_attachment. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. Exploitation requires a form integration to be configured with a field mapped to a WooCommerce product image, product gallery, downloadable files, or Google Contacts attachment field, which is a default use case for these integrations."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-19T04:31:33.792Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bdf8d5c2-dbb1-47d5-b858-da6f6e1989f4?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.7/backend/Actions/WooCommerce/RecordApiHelper.php#L631"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.7/backend/Actions/GoogleContacts/RecordApiHelper.php#L139"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.7/backend/Actions/WooCommerce/RecordApiHelper.php#L584"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.7/backend/Actions/GoogleContacts/RecordApiHelper.php#L168"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.2/backend/Actions/WooCommerce/RecordApiHelper.php#L631"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.2/backend/Actions/GoogleContacts/RecordApiHelper.php#L139"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.2/backend/Actions/WooCommerce/RecordApiHelper.php#L584"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-integrations/tags/2.8.2/backend/Actions/GoogleContacts/RecordApiHelper.php#L168"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3571608%40bit-integrations\u0026new=3571608%40bit-integrations\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-11T14:45:34.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-06-18T15:58:38.000Z",
"value": "Disclosed"
}
],
"title": "Bit integrations \u003c= 2.8.7 - Unauthenticated Server-Side Request Forgery via Form Field Upload Mapping"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-11989",
"datePublished": "2026-06-19T04:31:33.792Z",
"dateReserved": "2026-06-11T14:30:23.613Z",
"dateUpdated": "2026-06-23T20:45:53.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25418 (GCVE-0-2026-25418)
Vulnerability from cvelistv5 – Published: 2026-02-19 08:27 – Updated: 2026-04-28 16:14
VLAI
Title
WordPress Bit Form plugin <= 2.21.10 - SQL Injection vulnerability
Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bit Apps Bit Form bit-form allows SQL Injection.This issue affects Bit Form: from n/a through <= 2.21.10.
Severity
7.6 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/Wordpress/Plugin/… | vdb-entry |
Impacted products
Date Public
2026-04-01 16:05
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-19T18:34:14.212704Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T13:24:59.625Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "bit-form",
"product": "Bit Form",
"vendor": "Bit Apps",
"versions": [
{
"changes": [
{
"at": "2.21.11",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.21.10",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tr\u01b0\u01a1ng H\u1eefu Ph\u00fac (truonghuuphuc) | Patchstack Bug Bounty Program"
}
],
"datePublic": "2026-04-01T16:05:09.603Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Bit Apps Bit Form bit-form allows SQL Injection.\u003cp\u003eThis issue affects Bit Form: from n/a through \u003c= 2.21.10.\u003c/p\u003e"
}
],
"value": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027) vulnerability in Bit Apps Bit Form bit-form allows SQL Injection.This issue affects Bit Form: from n/a through \u003c= 2.21.10."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:14:58.487Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/Wordpress/Plugin/bit-form/vulnerability/wordpress-bit-form-plugin-2-21-10-sql-injection-vulnerability?_s_id=cve"
}
],
"title": "WordPress Bit Form plugin \u003c= 2.21.10 - SQL Injection vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2026-25418",
"datePublished": "2026-02-19T08:27:06.644Z",
"dateReserved": "2026-02-02T12:53:26.262Z",
"dateUpdated": "2026-04-28T16:14:58.487Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14901 (GCVE-0-2025-14901)
Vulnerability from cvelistv5 – Published: 2026-01-07 06:35 – Updated: 2026-04-08 16:33
VLAI
Title
Bit Form – Contact Form Plugin <= 2.21.6 - Missing Authorization to Unauthenticated Workflow Replay
Summary
The Bit Form – Contact Form Plugin plugin for WordPress is vulnerable to unauthorized workflow execution due to missing authorization in the triggerWorkFlow function in all versions up to, and including, 2.21.6. This is due to a logic flaw in the nonce verification where the security check only blocks requests when both the nonce verification fails and the user is logged in. This makes it possible for unauthenticated attackers to replay form workflow executions and trigger all configured integrations including webhooks, email notifications, CRM integrations, and automation platforms via the bitforms_trigger_workflow AJAX action granted they can obtain the entry ID and log IDs from a legitimate form submission response.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.21.6
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14901",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-07T14:52:47.173907Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T16:14:30.203Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.21.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "andrea bocchetti"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bit Form \u2013 Contact Form Plugin plugin for WordPress is vulnerable to unauthorized workflow execution due to missing authorization in the triggerWorkFlow function in all versions up to, and including, 2.21.6. This is due to a logic flaw in the nonce verification where the security check only blocks requests when both the nonce verification fails and the user is logged in. This makes it possible for unauthenticated attackers to replay form workflow executions and trigger all configured integrations including webhooks, email notifications, CRM integrations, and automation platforms via the bitforms_trigger_workflow AJAX action granted they can obtain the entry ID and log IDs from a legitimate form submission response."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:33:04.061Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0402e4a6-73ba-49e6-bf80-997ac83b4cfe?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/tags/2.21.6/includes/Frontend/Ajax/FrontendAjax.php#L146"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/tags/2.21.6/includes/Frontend/Ajax/FrontendAjax.php#L30"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3429172%40bit-form%2Ftrunk\u0026old=3420966%40bit-form%2Ftrunk\u0026sfp_email=\u0026sfph_mail=#file827"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-12-18T16:48:55.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-01-06T17:34:11.000Z",
"value": "Disclosed"
}
],
"title": "Bit Form \u2013 Contact Form Plugin \u003c= 2.21.6 - Missing Authorization to Unauthenticated Workflow Replay"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-14901",
"datePublished": "2026-01-07T06:35:57.705Z",
"dateReserved": "2025-12-18T16:33:20.699Z",
"dateUpdated": "2026-04-08T16:33:04.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-6679 (GCVE-0-2025-6679)
Vulnerability from cvelistv5 – Published: 2025-08-15 06:40 – Updated: 2026-04-08 16:59
VLAI
Title
Contact Form by Bit Form - Bit Form <= 2.20.3 - Unauthenticated Arbitrary File Upload
Summary
The Bit Form builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 2.20.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. For this to be exploitable, the PRO version needs to be installed and activated as well. Additionally a form with an advanced file upload element needs to be published.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.20.3
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6679",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-15T12:05:16.311145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-15T12:05:26.986Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.20.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Nguyen Tan Phat"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bit Form builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 2.20.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible. For this to be exploitable, the PRO version needs to be installed and activated as well. Additionally a form with an advanced file upload element needs to be published."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:59:38.425Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6e2e294f-904b-4674-8baf-d3a9a260d634?source=cve"
},
{
"url": "https://wordpress.org/plugins/bit-form/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3343461%40bit-form%2Ftrunk\u0026old=3336733%40bit-form%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-29T16:27:28.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-08-14T18:09:50.000Z",
"value": "Disclosed"
}
],
"title": "Contact Form by Bit Form - Bit Form \u003c= 2.20.3 - Unauthenticated Arbitrary File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-6679",
"datePublished": "2025-08-15T06:40:42.601Z",
"dateReserved": "2025-06-25T19:36:25.214Z",
"dateUpdated": "2026-04-08T16:59:38.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13451 (GCVE-0-2024-13451)
Vulnerability from cvelistv5 – Published: 2025-07-02 05:29 – Updated: 2026-04-08 17:16
VLAI
Title
Contact Form by Bit Form <= 2.17.5 - Unauthenticated Sensitive Information Exposure
Summary
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.17.4 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This makes it possible for unauthenticated attackers to extract sensitive data including files uploaded via a form. The vulnerability was partially patched in version 2.17.5.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.17.5
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-02T13:10:30.592274Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-02T13:10:40.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.17.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tim Coen"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form \u0026 Custom Contact Form builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.17.4 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This makes it possible for unauthenticated attackers to extract sensitive data including files uploaded via a form. The vulnerability was partially patched in version 2.17.5."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:16:24.462Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b23bdba3-8947-47e4-b208-55e42865ab72?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Core/Util/FileHandler.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3233293/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-01T17:24:34.000Z",
"value": "Disclosed"
}
],
"title": "Contact Form by Bit Form \u003c= 2.17.5 - Unauthenticated Sensitive Information Exposure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13451",
"datePublished": "2025-07-02T05:29:18.066Z",
"dateReserved": "2025-01-16T01:36:05.668Z",
"dateUpdated": "2026-04-08T17:16:24.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1725 (GCVE-0-2025-1725)
Vulnerability from cvelistv5 – Published: 2025-06-03 08:21 – Updated: 2026-04-08 17:04
VLAI
Title
Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.7 - Authenticated (Subscriber+) Stored Cross-Site Scripting via SVG File Uploads
Summary
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
Severity
6.4 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | File Manager |
Affected:
0 , ≤ 6.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1725",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-03T13:28:33.565708Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T13:28:41.470Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "File Manager",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "6.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "TANG Cheuk Hei"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bit File Manager \u2013 100% Free \u0026 Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:04:29.307Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/84ddb481-f989-4ba8-9925-e8327c30de38?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/file-manager/tags/6.6.3/backend/app/Http/Controllers/FileManagerController.php#L112"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-25T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-06-02T20:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Bit File Manager \u2013 100% Free \u0026 Open Source File Manager and Code Editor for WordPress \u003c= 6.7 - Authenticated (Subscriber+) Stored Cross-Site Scripting via SVG File Uploads"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-1725",
"datePublished": "2025-06-03T08:21:52.457Z",
"dateReserved": "2025-02-26T17:58:14.600Z",
"dateUpdated": "2026-04-08T17:04:29.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-2580 (GCVE-0-2025-2580)
Vulnerability from cvelistv5 – Published: 2025-04-25 05:25 – Updated: 2026-04-08 16:40
VLAI
Title
Contact Form by Bit Form <= 2.18.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
Summary
The Contact Form by Bit Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.18.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.18.3
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2580",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-25T19:01:01.675717Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T19:01:14.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.18.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Avraham Shemesh"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Contact Form by Bit Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.18.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:40:57.362Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1f3b5d85-a8b0-43ac-b593-a61e20b9a4ca?source=cve"
},
{
"url": "https://wordpress.org/plugins/bit-form/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3271396/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-04-24T16:58:42.000Z",
"value": "Disclosed"
}
],
"title": "Contact Form by Bit Form \u003c= 2.18.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-2580",
"datePublished": "2025-04-25T05:25:06.373Z",
"dateReserved": "2025-03-20T22:27:53.445Z",
"dateUpdated": "2026-04-08T16:40:57.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0822 (GCVE-0-2025-0822)
Vulnerability from cvelistv5 – Published: 2025-02-15 12:43 – Updated: 2026-04-08 17:28
VLAI
Title
Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Subscriber+) Arbitrary File Read via fileID Parameter
Summary
Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the fileID Parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist |
Affected:
0 , ≤ 1.5.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0822",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T16:41:41.787989Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T19:35:54.973Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat \u2013 Bit Assist",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "1.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arkadiusz Hydzik"
}
],
"descriptions": [
{
"lang": "en",
"value": "Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the fileID Parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:28:22.293Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/de9b0eba-5d2b-427c-a199-88bf96c26f5e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-assist/tags/1.5.2/backend/app/HTTP/Controllers/DownloadController.php#L65"
},
{
"url": "https://wordpress.org/plugins/bit-assist/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3239816/#file3"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-14T23:52:04.000Z",
"value": "Disclosed"
}
],
"title": "Bit Assist \u003c= 1.5.2 - Path Traversal to Authenticated (Subscriber+) Arbitrary File Read via fileID Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-0822",
"datePublished": "2025-02-15T12:43:02.986Z",
"dateReserved": "2025-01-29T01:02:46.838Z",
"dateUpdated": "2026-04-08T17:28:22.293Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0821 (GCVE-0-2025-0821)
Vulnerability from cvelistv5 – Published: 2025-02-14 11:10 – Updated: 2026-04-08 17:17
VLAI
Title
Bit Assist <= 1.5.2 - Authenticated (Subscriber+) SQL Injection via id Parameter
Summary
Bit Assist plugin for WordPress is vulnerable to time-based SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist |
Affected:
0 , ≤ 1.5.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-14T16:36:03.639855Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-14T16:36:10.755Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat \u2013 Bit Assist",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "1.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arkadiusz Hydzik"
}
],
"descriptions": [
{
"lang": "en",
"value": "Bit Assist plugin for WordPress is vulnerable to time-based SQL Injection via the \u2018id\u2019 parameter in all versions up to, and including, 1.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:17:24.789Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b64fc9d8-ea02-49e7-add1-8d83f0f41431?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-assist/tags/1.5.2/backend/app/HTTP/Controllers/WidgetChannelController.php#L89"
},
{
"url": "https://wordpress.org/plugins/bit-assist/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3239816/#file5"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-13T22:13:48.000Z",
"value": "Disclosed"
}
],
"title": "Bit Assist \u003c= 1.5.2 - Authenticated (Subscriber+) SQL Injection via id Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-0821",
"datePublished": "2025-02-14T11:10:58.171Z",
"dateReserved": "2025-01-28T23:49:24.907Z",
"dateUpdated": "2026-04-08T17:17:24.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13791 (GCVE-0-2024-13791)
Vulnerability from cvelistv5 – Published: 2025-02-14 11:10 – Updated: 2026-04-08 16:37
VLAI
Title
Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Administrator+) Arbitrary File Read via downloadResponseFile Function
Summary
Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the downloadResponseFile() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-23 - Relative Path Traversal
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat – Bit Assist |
Affected:
0 , ≤ 1.5.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13791",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-14T16:42:33.130674Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-14T16:42:43.715Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Chat Widget: Floating Customer Support Button for 30+ Channels, Supporting SMS, Calls, and Chat \u2013 Bit Assist",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "1.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "marco jacobs"
}
],
"descriptions": [
{
"lang": "en",
"value": "Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the downloadResponseFile() function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23 Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:37:33.408Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/17fd14e7-503a-49e4-9344-5f8d51801eb3?source=cve"
},
{
"url": "https://github.com/WordPressBugBounty/plugins-bit-assist/blob/main/bit-assist/backend/app/HTTP/Controllers/DownloadController.php"
},
{
"url": "https://wordpress.org/plugins/bit-assist/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3239816/#file3"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-13T22:19:23.000Z",
"value": "Disclosed"
}
],
"title": "Bit Assist \u003c= 1.5.2 - Path Traversal to Authenticated (Administrator+) Arbitrary File Read via downloadResponseFile Function"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13791",
"datePublished": "2025-02-14T11:10:57.563Z",
"dateReserved": "2025-01-29T19:56:49.186Z",
"dateUpdated": "2026-04-08T16:37:33.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-13450 (GCVE-0-2024-13450)
Vulnerability from cvelistv5 – Published: 2025-01-25 08:23 – Updated: 2026-04-08 17:27
VLAI
Title
Contact Form by Bit Form <= 2.17.4 - Authenticated (Administrator+) Server-Side Request Forgery
Summary
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.17.4 via the Webhooks integration. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. The vulnerability can also be exploited in Multisite environments.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
7 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.17.4
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-13450",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T15:35:14.077986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T15:35:19.178Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.17.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Francesco Carlucci"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form \u0026 Custom Contact Form builder plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.17.4 via the Webhooks integration. This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. The vulnerability can also be exploited in Multisite environments."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:27:04.057Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d935f4c5-5d69-42d9-be22-7a44d9aa885a?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Admin/Form/AdminFormHandler.php#L1072"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Admin/Form/AdminFormHandler.php#L1312"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Core/Integration/WebHooks/WebHooksHandler.php#L51"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Core/Integration/WebHooks/WebHooksHandler.php#L96"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Core/Integration/WebHooks/WebHooksHandler.php#L190"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3227207/"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-01-24T19:37:19.000Z",
"value": "Disclosed"
}
],
"title": "Contact Form by Bit Form \u003c= 2.17.4 - Authenticated (Administrator+) Server-Side Request Forgery"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-13450",
"datePublished": "2025-01-25T08:23:15.871Z",
"dateReserved": "2025-01-16T01:06:43.819Z",
"dateUpdated": "2026-04-08T17:27:04.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-12190 (GCVE-0-2024-12190)
Vulnerability from cvelistv5 – Published: 2024-12-25 03:21 – Updated: 2026-04-08 17:24
VLAI
Title
Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder <= 2.17.3 - Missing Authorization to Authenticated (Subscriber+) Form Submission Disclosure
Summary
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the bitform-form-entry-edit endpoint in all versions up to, and including, 2.17.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view all form submissions from other users.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.17.3
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12190",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-27T15:15:06.092369Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-27T15:15:13.938Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.17.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Akbar Kustirama"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form \u0026 Custom Contact Form builder plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the bitform-form-entry-edit endpoint in all versions up to, and including, 2.17.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view all form submissions from other users."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:24:27.412Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ce9dab37-4118-4e13-857c-9aa072d25edf?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3204875/bit-form/trunk/includes/Frontend/FormEntryView.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3209668/bit-form/trunk/includes/Frontend/FormEntryView.php"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-24T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form \u0026 Custom Contact Form builder \u003c= 2.17.3 - Missing Authorization to Authenticated (Subscriber+) Form Submission Disclosure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-12190",
"datePublished": "2024-12-25T03:21:32.469Z",
"dateReserved": "2024-12-04T16:52:19.532Z",
"dateUpdated": "2026-04-08T17:24:27.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-9507 (GCVE-0-2024-9507)
Vulnerability from cvelistv5 – Published: 2024-10-11 07:37 – Updated: 2026-04-08 17:14
VLAI
Title
Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder <= 2.15.2 - Authenticated (Administrator+) Improper Input Validation via iconUpload Function to Arbitrary File Read
Summary
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.15.2 due to improper input validation within the iconUpload function. This makes it possible for authenticated attackers, with Administrator-level access and above, to leverage a PHP filter chain attack and read the contents of arbitrary files on the server, which can contain sensitive information.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder |
Affected:
0 , ≤ 2.15.2
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9507",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-11T15:21:04.596698Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T15:21:23.094Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Bit Form \u2013 Custom Contact Form, Multi Step, Conversational Form \u0026 Payment Form builder",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "2.15.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "TANG Cheuk Hei"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form \u0026 Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.15.2 due to improper input validation within the iconUpload function. This makes it possible for authenticated attackers, with Administrator-level access and above, to leverage a PHP filter chain attack and read the contents of arbitrary files on the server, which can contain sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:14:21.751Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/aa46842f-ed07-4f72-aedb-aa27baecd79c?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/bit-form/trunk/includes/Admin/AdminAjax.php#L1210"
},
{
"url": "https://wordpress.org/plugins/bit-form/#developers"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3165686/bit-form/trunk/includes/Admin/AdminAjax.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3165686/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-10T19:11:18.000Z",
"value": "Disclosed"
}
],
"title": "Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form \u0026 Custom Contact Form builder \u003c= 2.15.2 - Authenticated (Administrator+) Improper Input Validation via iconUpload Function to Arbitrary File Read"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-9507",
"datePublished": "2024-10-11T07:37:45.931Z",
"dateReserved": "2024-10-03T22:44:15.090Z",
"dateUpdated": "2026-04-08T17:14:21.751Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-8743 (GCVE-0-2024-8743)
Vulnerability from cvelistv5 – Published: 2024-10-05 06:44 – Updated: 2026-04-08 16:45
VLAI
Title
Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.5.7 - Authenticated (Subscriber+) Limited JavaScript File Upload
Summary
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Limited JavaScript File Upload in all versions up to, and including, 6.5.7. This is due to a lack of proper checks on allowed file types. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted permissions by an administrator, to upload .css and .js files, which could lead to Stored Cross-Site Scripting.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | File Manager |
Affected:
0 , ≤ 6.5.7
(semver)
|
|
| bitapps | file_manager |
Affected:
0 , < 6.5.8
(semver)
cpe:2.3:a:bitapps:file_manager:*:*:*:*:*:wordpress:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:bitapps:file_manager:*:*:*:*:*:wordpress:*:*"
],
"defaultStatus": "unaffected",
"product": "file_manager",
"vendor": "bitapps",
"versions": [
{
"lessThan": "6.5.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8743",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-07T15:57:45.966898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T15:57:49.035Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "File Manager",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "6.5.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "TANG Cheuk Hei"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bit File Manager \u2013 100% Free \u0026 Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to Limited JavaScript File Upload in all versions up to, and including, 6.5.7. This is due to a lack of proper checks on allowed file types. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted permissions by an administrator, to upload .css and .js files, which could lead to Stored Cross-Site Scripting."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:45:05.656Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/314520d5-bd9d-46c1-b903-5e5cb3bb3417?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3161219/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-04T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Bit File Manager \u2013 100% Free \u0026 Open Source File Manager and Code Editor for WordPress \u003c= 6.5.7 - Authenticated (Subscriber+) Limited JavaScript File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-8743",
"datePublished": "2024-10-05T06:44:10.696Z",
"dateReserved": "2024-09-11T21:44:52.570Z",
"dateUpdated": "2026-04-08T16:45:05.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-7770 (GCVE-0-2024-7770)
Vulnerability from cvelistv5 – Published: 2024-09-10 10:59 – Updated: 2026-04-08 17:11
VLAI
Title
Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.5.5 - Authenticated (Subscriber+) Arbitrary File Upload
Summary
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload' function in all versions up to, and including, 6.5.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted upload permissions by an administrator, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
6 references
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| bitpressadmin | File Manager |
Affected:
0 , ≤ 6.5.5
(semver)
|
|
| bitpressadmin | bit_file_manager_wordpress |
Affected:
0 , ≤ 6.5.5
(semver)
cpe:2.3:a:bitpressadmin:bit_file_manager_wordpress:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:bitpressadmin:bit_file_manager_wordpress:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "bit_file_manager_wordpress",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "6.5.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7770",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:22:42.916828Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T13:25:39.611Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "File Manager",
"vendor": "bitpressadmin",
"versions": [
{
"lessThanOrEqual": "6.5.5",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "TANG Cheuk Hei"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Bit File Manager \u2013 100% Free \u0026 Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the \u0027upload\u0027 function in all versions up to, and including, 6.5.5. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted upload permissions by an administrator, to upload arbitrary files on the affected site\u0027s server which may make remote code execution possible."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:11:28.275Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9cae7702-e531-45b9-9131-42edbc073a07?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/file-manager/trunk/backend/app/Http/Controllers/FileManagerController.php#L26"
},
{
"url": "https://plugins.trac.wordpress.org/browser/file-manager/trunk/libs/elFinder/php/elFinderConnector.class.php#L160"
},
{
"url": "https://plugins.trac.wordpress.org/browser/file-manager/trunk/libs/elFinder/php/elFinder.class.php#L1210"
},
{
"url": "https://plugins.trac.wordpress.org/browser/file-manager/trunk/libs/elFinder/php/elFinder.class.php#L3257"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3138710/"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-09T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Bit File Manager \u2013 100% Free \u0026 Open Source File Manager and Code Editor for WordPress \u003c= 6.5.5 - Authenticated (Subscriber+) Arbitrary File Upload"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-7770",
"datePublished": "2024-09-10T10:59:05.034Z",
"dateReserved": "2024-08-13T19:11:05.331Z",
"dateUpdated": "2026-04-08T17:11:28.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}