CVE-2023-24410
WordPress FluentForm Plugin <= 4.3.25 is vulnerable to SQL Injection
CVSS Score
9.8
EPSS Score
0.0%
EPSS Percentile
0th
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Contact Form - WPManageNinja LLC Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms fluentform allows SQL Injection.This issue affects Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms: from n/a through 4.3.25.
| CWE | CWE-89 |
| Vendor | contact form - wpmanageninja llc |
| Product | contact form plugin – fastest contact form builder plugin for wordpress by fluent forms |
| Published | Oct 31, 2023 |
| Last Updated | Apr 28, 2026 |
Stay Ahead of the Next One
Get instant alerts for contact form - wpmanageninja llc contact form plugin – fastest contact form builder plugin for wordpress by fluent forms
Be the first to know when new critical vulnerabilities affecting contact form - wpmanageninja llc contact form plugin – fastest contact form builder plugin for wordpress by fluent forms are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
Contact Form - WPManageNinja LLC / Contact Form Plugin – Fastest Contact Form Builder Plugin for WordPress by Fluent Forms
n/a ≤ 4.3.25
References
Credits
Ravi Dharmawan (Patchstack Alliance)