top of page


[WordPress Metform Elementor Contact Form Builder Plugin](versions 3.1.2 and older) Vulnerability

Updated: Feb 14, 2023

[WordPress Metform Elementor Contact Form Plugin] (versions 3.1.2 and older) Vulnerability to Cross-SIte Scripting (XSS)

Importance (CVSS3.0)

★★★★★★★☆☆☆ 7.1/ 10 - High


A Cross-Site Scripting (XSS) vulnerability was discovered in WordPress Metform Elementor Contact Form Plugin.

Because of this vulnerability malicious attackers can inject fraudulent scripts such as redirect, ads, and other HTML payload. This may be executed when guests visit the website.


Update the WordPress WordPress Metform Elementor Contact Form Plugin to the newest version (3.1.2 and newer).


We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.


bottom of page