
bitpressadmin — Vulnerabilities & Security Advisories 21

Browse all 21 CVE security advisories affecting bitpressadmin. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Bitpressadmin is a WordPress plugin primarily utilized for managing and displaying press releases, serving as a central tool for public relations automation and media distribution. Historically, its codebase has been associated with twenty-one Common Vulnerabilities and Exposures (CVEs), predominantly stemming from insufficient input validation and improper sanitization of user-supplied data. The most frequent vulnerability classes include Remote Code Execution (RCE) and Cross-Site Scripting (XSS), often facilitated by insecure file upload mechanisms and weak authentication checks. Privilege escalation issues have also been documented, allowing unauthorized users to gain administrative access. These flaws typically arise from legacy code structures that lack modern security hardening practices. While no single catastrophic incident has defined its history, the cumulative effect of these CVEs highlights significant risks for organizations relying on the plugin without rigorous patch management.

Found 9 results / 21

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2025-14901 | Bit Form – Contact Form Plugin <= 2.21.6 - Missing Authorization to Unauthenticated Workflow Replay — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder | CWE-862 | 6.5 | Medium | 2026-01-07 |
| CVE-2025-6679 | Contact Form by Bit Form - Bit Form <= 2.20.3 - Unauthenticated Arbitrary File Upload — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder | CWE-434 | 9.8 | Critical | 2025-08-15 |
| CVE-2024-13451 | Contact Form by Bit Form <= 2.17.5 - Unauthenticated Sensitive Information Exposure — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder | CWE-200 | 5.3 | Medium | 2025-07-02 |
| CVE-2025-2580 | Contact Form by Bit Form <= 2.18.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder | CWE-79 | 4.9 | Medium | 2025-04-25 |
| CVE-2024-13450 | Contact Form by Bit Form <= 2.17.4 - Authenticated (Administrator+) Server-Side Request Forgery — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder | CWE-918 | 3.8 | Low | 2025-01-25 |
| CVE-2024-12190 | Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder <= 2.17.3 - Missing Authorization to Authenticated (Subscriber+) Form Submission Disclosure — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder | CWE-862 | 4.3 | Medium | 2024-12-25 |
| CVE-2024-9507 | Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder <= 2.15.2 - Authenticated (Administrator+) Improper Input Validation via iconUpload Function to Arbitrary File Read — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder | CWE-20 | 4.9 | Medium | 2024-10-11 |
| CVE-2024-6123 | Bit Form <= 2.13.3 - Authenticated (Administrator+) Arbitrary File Upload — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder | CWE-434 | 7.2 | High | 2024-07-09 |
| CVE-2024-1640 | Contact Form Builder Plugin: Multi Step Contact Form, Payment Form, Custom Contact Form Plugin by Bit Form <= 2.10.1 - Unauthenticated Insecure Direct Object Reference to Form Submission Alteration — Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder | CWE-639 | 5.3 | Medium | 2024-03-13 |

This page lists every published CVE security advisory associated with bitpressadmin. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.