CVE-2024-4261 | themehunk Responsive Contact Form Builder & Lead Generation Plugin Shortcode do_shortcode code injection

Posted by Angelo Barbosa | May 22, 2024 | CVE

A vulnerability was found in themehunk Responsive Contact Form Builder & Lead Generation Plugin up to 1.9.1 on WordPress and classified as critical. Affected by this issue is the function do_shortcode of the component Shortcode Handler. The manipulation leads to code injection.

This vulnerability is handled as CVE-2024-4261. The attack may be launched remotely. There is no exploit available.

CVE-2024-4261 | themehunk Responsive Contact Form Builder & Lead Generation Plugin Shortcode do_shortcode code injection

Related Posts

CVE-2024-3670 | harmr Leaflet Maps Marker Plugin up to 3.12.8 on WordPress Shortcode mapsmarker cross site scripting (ID 3069915)

CVE-2023-51090 | Tenda M3 1.0.0.12(4856) formGetWeiXinConfig stack-based overflow

CVE-2024-3053 | Forminator Plugin up to 1.29.2 on WordPress Shortcode forminator_form cross site scripting

CVE-2024-31651 | Cosmetics and Beauty Product Online Store 1.0 First Name cross site scripting