Kleor Contact Manager
4 CVEs affecting Kleor Contact Manager. Latest disclosed: 2026-03-25. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-68853 | High | 8.8 | 2026-02-20 | Deserialization of Untrusted Data vulnerability in Kleor Contact Manager contact-manager allows Object Injection.This issue affects Contact Manager: from n/a t… |
CVE-2025-1028 | High | 8.1 | 2025-02-05 | The Contact Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the contact form upload feature in all… |
CVE-2026-32517 | High | 7.1 | 2026-03-25 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kleor Contact Manager contact-manager allows Reflected XS… |
CVE-2025-8783 | Medium | 4.4 | 2025-08-19 | The Contact Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title’ parameter in all versions up to, and including, 8.6.5 due… |