Known Vulnerabilities for products from Bestwebsoft

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Bestwebsoft".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-24598 json Not Provided 2026-01-23 2026-04-23
CVE-2026-3618 json Not Provided 2026-04-08 2026-04-08
CVE-2025-63056 json Not Provided 2025-12-09 2026-04-23
CVE-2025-39527 json Not Provided 2025-04-17 2026-04-23
CVE-2025-31099 json Not Provided 2025-03-28 2026-04-23
CVE-2025-24628 json Not Provided 2025-01-27 2026-04-01
CVE-2025-13383 json Not Provided 2025-11-25 2026-04-08
CVE-2025-9950 json Not Provided 2025-10-11 2026-04-08
CVE-2024-51786 json Not Provided 2024-11-09 2026-04-23
CVE-2024-2200 json The Contact Form by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘cntctfrm_cont... Not Provided 2024-04-09 2026-04-08
CVE-2023-36527 json Improper Neutralization of Formula Elements in a CSV File vulnerability in BestWebSoft Post to CSV by BestWebSoft.This issue ... 8.8 - HIGH 2023-11-07 2023-11-15
CVE-2023-36508 json Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact For... 9.8 - CRITICAL 2023-10-31 2023-11-08
CVE-2023-29096 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 8.8 - HIGH 2023-12-20 2023-12-27
CVE-2023-28778 json Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BestWebSoft Pagination plugin <= 1.2.2 versions. 4.8 - MEDIUM 2023-06-22 2023-06-28
CVE-2023-6250 json Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BestWebSoft Pagination plugin <= 1.2.2 versions. 7.5 - HIGH 2023-12-26 2024-01-02
CVE-2023-4469 json The Profile Extra Fields by BestWebSoft plugin for WordPress is vulnerable to unauthorized access of data due to a missing ca... Not Provided 2023-10-06 2026-04-08
CVE-2023-0820 json The User Role by BestWebSoft WordPress plugin before 1.6.7 does not protect against CSRF in requests to update role capabilit... 8.8 - HIGH 2023-04-03 2023-11-07
CVE-2023-0765 json The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not properly escape values used in SQL queries, leading to an B... 8.8 - HIGH 2023-04-17 2023-11-07
CVE-2023-0764 json The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not perform proper sanitization of gallery information, leading... 5.4 - MEDIUM 2023-04-17 2023-11-07
CVE-2022-44734 json Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BestWebSoft Car Rental by BestWebSoft plugin <= 1.1.2 vers... 4.8 - MEDIUM 2023-04-16 2023-04-21
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Bestwebsoft

Type Vendor Product Version
ApplicationBestwebsoftCaptcha1.0
ApplicationBestwebsoftCar Rental1.0.0
ApplicationBestwebsoftContact Form1.00
ApplicationBestwebsoftContact Form Multi1.0.1
ApplicationBestwebsoftContact Form To Db1.0
ApplicationBestwebsoftCustom Admin-
ApplicationBestwebsoftCustom Admin Page0.1
ApplicationBestwebsoftCustom Fields Search1.3.1
ApplicationBestwebsoftCustom Search1.01
ApplicationBestwebsoftDonate1.0
ApplicationBestwebsoftEmail Queue1.1.1
ApplicationBestwebsoftError Log Viewer1.0.0
ApplicationBestwebsoftFacebook Button1
ApplicationBestwebsoftFeatured Posts1.0.0
ApplicationBestwebsoftGallery1.01
ApplicationBestwebsoftGallery Categories1.0.8
ApplicationBestwebsoftGoogle Adsense1.43
ApplicationBestwebsoftGoogle Analytics1.0
ApplicationBestwebsoftGoogle Captcha1.12
ApplicationBestwebsoftGoogle Captcha Recaptcha1.12
Results limited to 20 most recent known configurations