Vulnerabilities in bitpressadmin
22 resultsCVE-2024-7627HIGHBit File Manager 6.0 - 6.5.5 - Unauthenticated Remote Code Execution via Race ConditionEPSS 2.8%CVE-2024-7770HIGHBit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.5.5 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.1%CVE-2024-7777CRITICALContact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder 2.0 - 2.13.9 - Authenticated (Administrator+) Arbitrary File Read And DeletionEPSS 1.0%CVE-2024-6123HIGHBit Form <= 2.13.3 - Authenticated (Administrator+) Arbitrary File UploadEPSS 1.0%CVE-2024-7782HIGHContact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder 2.0 - 2.13.4 - Authenticater (Administrator+) Arbitrary File DeletionEPSS 0.9%CVE-2024-8743MEDIUMBit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.5.7 - Authenticated (Subscriber+) Limited JavaScript File UploadEPSS 0.8%CVE-2025-6679CRITICALContact Form by Bit Form - Bit Form <= 2.20.3 - Unauthenticated Arbitrary File UploadEPSS 0.7%CVE-2024-13791MEDIUMBit Assist <= 1.5.2 - Path Traversal to Authenticated (Administrator+) Arbitrary File Read via downloadResponseFile FunctionEPSS 0.6%CVE-2025-0822MEDIUMBit Assist <= 1.5.2 - Path Traversal to Authenticated (Subscriber+) Arbitrary File Read via fileID ParameterEPSS 0.6%CVE-2025-0821MEDIUMBit Assist <= 1.5.2 - Authenticated (Subscriber+) SQL Injection via id ParameterEPSS 0.5%CVE-2024-9507MEDIUMContact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder <= 2.15.2 - Authenticated (Administrator+) Improper Input Validation via iconUpload Function to Arbitrary File ReadEPSS 0.5%CVE-2024-7780HIGHContact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder 2.0 - 2.13.9 - Authenticated (Administrator+) SQL InjectionEPSS 0.5%CVE-2024-1640MEDIUMContact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form <= 2.10.1 - Unauthenticated Insecure Direct Object Reference to Form Submission AlterationEPSS 0.5%CVE-2024-7702HIGHContact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder 2.0 - 2.13.9 - Authenticated (Administrator+) SQL Injection via getLogHistory FunctionEPSS 0.5%CVE-2024-12190MEDIUMContact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder <= 2.17.3 - Missing Authorization to Authenticated (Subscriber+) Form Submission DisclosureEPSS 0.4%CVE-2024-13450LOWContact Form by Bit Form <= 2.17.4 - Authenticated (Administrator+) Server-Side Request ForgeryEPSS 0.4%CVE-2025-14901MEDIUMBit Form – Contact Form Plugin <= 2.21.6 - Missing Authorization to Unauthenticated Workflow ReplayEPSS 0.4%CVE-2024-13451MEDIUMContact Form by Bit Form <= 2.17.5 - Unauthenticated Sensitive Information ExposureEPSS 0.3%CVE-2026-11989MEDIUMBit integrations <= 2.8.7 - Unauthenticated Server-Side Request Forgery via Form Field Upload MappingEPSS 0.3%CVE-2024-7775MEDIUMContact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder 2.0 - 2.13.9 - Authenticated (Administrator+) Arbitrary JavaScript File UploadsEPSS 0.2%