CVE-2024-13451 – Bit Form Contact Form Sensitive Information Exposure

July 2, 2025

CVE ID : CVE-2024-13451

Published : July 2, 2025, 6:15 a.m. | 3 hours, 27 minutes ago

Description : The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.17.4 via file uploads due to insufficient directory listing prevention and lack of randomization of file names. This makes it possible for unauthenticated attackers to extract sensitive data including files uploaded via a form. The vulnerability was partially patched in version 2.17.5.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6464 – Forminator Forms Unauthenticated PHP Object Injection Vulnerability

Next Article CVE-2025-52463 – Active! Mail CSRF Email Sending

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

The impact of gray work on software development

CSS Intelligence: Speculating On The Future Of A Smarter Language

Your Roku has secret menus and screens – here’s how to unlock them

Add Paramount+, STARZ, and more to your Prime Video account for $0.99 a month – here’s how

My new favorite keychain accessory gives me 2TB of SSD storage instantly

HP’s latest OmniBook finally sold me on the 2-in-1 form factor (and it’s on sale)

Simplifying Stream Handling with Laravel’s resource Method

Simplifying Stream Handling with Laravel’s resource Method

Intelligent Parsing and Formatting of Names in PHP Applications

This Week in Laravel: Cursor Rules, Nightwatch Review, and Race Conditions

Microsoft confirms Windows 11 KB5060829 issues, but you can safely ignore it

Microsoft confirms Windows 11 KB5060829 issues, but you can safely ignore it

Hash Calculator – calculates around 50 cryptographic hashes of strings and files

Rilasciato Thunderbird 140 ESR: Un’attenzione alle esigenze aziendali

CVE-2024-13451 – Bit Form Contact Form Sensitive Information Exposure

Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

“Celebrate 25 years of Xbox with … a classic that’s been with us since the beginning.” Did Phil Spencer just tease a new Halo game for 2026?

Why this Lenovo Yoga is one of the best MacBook Air alternatives (and it’s $350 off)

Google DeepMind Introduces AlphaEvolve: A Gemini-Powered Coding AI Agent for Algorithm Discovery and Scientific Optimization

CVE-2025-4486 – iSourcecode Gym Management System SQL Injection Vulnerability

CVE-2025-40574 – “Siemens SCALANCE LPE9403 Privilege Escalation”

CodeSOD: Dating in Another Language

CVE-2025-24342 – CtrlX OS Username Guessing Information Disclosure Vulnerability

Apple unveils Liquid Glass at WWDC, but all I see is a sorry imitation of Windows Vista’s Aero Glass

CVE-2024-13451 – Bit Form Contact Form Sensitive Information Exposure

Related Posts