Is "Contact Form by WPForms – Drag & Drop Form Builder for WordPress" safe?

WordPress Plugin security and safety information.

Rating: Good (current version safe) Recommendations

Contact Form by WPForms – Drag & Drop Form Builder for WordPress: Plugin Details

Type: Plugin
Author: WPForms
URL: https://wordpress.org/plugins/wpforms-lite/
Latest Version: 1.9.4.1

 

Contact Form by WPForms – Drag & Drop Form Builder for WordPress: Security Information

Insecure versions: Up To 1.9.3.1
Known since: 2025-02-05 02:00:16


Insecure versions: Up To 1.9.2.2
Known since: 2025-02-04 14:30:57


Insecure versions: Up To 1.8.4
Known since: 2024-12-18 02:00:44


Insecure versions: Up To 1.9.2.2
Known since: 2024-12-17 17:18:54


Insecure versions: Up To 1.9.1.6
Known since: 2024-12-05 08:20:53


Insecure versions: Up To 1.9.1.5
Known since: 2024-11-05 02:00:34


Insecure versions: Up To 1.8.7.2
Known since: 2024-05-07 02:00:16


Insecure versions: Up To 1.8.1.2
Known since: 2024-05-06 19:25:20


Insecure versions: Up To 1.7.5.4
Known since: 2022-09-20 07:33:25


Insecure versions: Up To 1.6.0.1
Known since: 2020-07-01 14:37:41
Description: The plugin WPForms Lite has a Stored XSS vulnerability in its admin-side editing interface.


Insecure versions: Up To 1.5.8.2
Known since: 2020-03-06 16:44:22
Description: An authenticated Cross-Site Scripting (XSS) vulnerability in this plugin can be exploited by attackers to perform various malicious actions such as stealing login credentials, logging keystrokes, or performing arbitrary actions on the victim’s behalf.


Insecure versions: Up To 1.4.7
Known since: 2018-12-27 04:25:59


Insecure versions: Up To 1.4.7
Known since: 2018-12-27 04:25:59


 

Contact Form by WPForms – Drag & Drop Form Builder for WordPress: Safety Recommendations

We have rated Contact Form by WPForms – Drag & Drop Form Builder for WordPress as Good (current version safe) which means that we have found vulnerabilities in older versions.

We recommend that you only use the latest version of Contact Form by WPForms – Drag & Drop Form Builder for WordPress.

Contact Form by WPForms – Drag & Drop Form Builder for WordPress: Staying Up-to-date

Make sure your installation of Contact Form by WPForms – Drag & Drop Form Builder for WordPress is safe with the following free Jetpack services for WordPress sites:
  • Updates & Management
    Turn on auto-updates for Contact Form by WPForms – Drag & Drop Form Builder for WordPress or manage in bulk.
  • Prevent Infiltrations
    Automatic protection against brute force attacks and secure sign on.

Choose Your Plan

Contact Form by WPForms – Drag & Drop Form Builder for WordPress: Keeping Safe

If you're running a business, ecommerce, news, or other critical website, Jetpack also provides additional indispensable services:
  • Automated Backups
    Full backup of your entire site with unlimited storage space.
  • Restores & Migrations
    Restore or migrate your site from a backup with one click.
  • Security Scanning
    Regular, automated scans of your site for malware, threats, and hacks.
  • Expert Support
    Fast, priority support for any WordPress security issue.

Choose Your Plan

About this information

This WordPress security information is part of our security library and is brought to you by Jetpack as part of our committment to a safer WordPress experience.

If you have any questions, please do not hesitate to contact us.