CVE-2024-34437 WordPress Form Maker by 10Web plugin <= 1.15.24 - Cross Site Scripting (XSS) vulnerability

🗓️ 09 May 2024 11:03:03Reported by PatchstackType

CVE-2024-34437 WordPress Form Maker by 10Web plugin XSS vulnerabilit

Reporter	Title	Published	Views	Family All 11
CNNVD	WordPress plugin Form Maker by 10Web 跨站脚本漏洞	14 May 202400:00	–	cnnvd
CVE	CVE-2024-34437	9 May 202411:03	–	cve
EUVD	EUVD-2024-34798	3 Oct 202520:07	–	euvd
NVD	CVE-2024-34437	14 May 202415:39	–	nvd
OSV	CVE-2024-34437	14 May 202415:39	–	osv
Patchstack	WordPress Form Maker by 10Web Plugin <= 1.15.24 is vulnerable to Cross Site Scripting (XSS)	7 May 202400:00	–	patchstack
Patchstack	WordPress Form Maker by 10Web plugin <= 1.15.24 - Cross Site Scripting (XSS) vulnerability	7 May 202407:58	–	patchstack
RedhatCVE	CVE-2024-34437	9 Jan 202609:06	–	redhatcve
Vulnrichment	CVE-2024-34437 WordPress Form Maker by 10Web plugin <= 1.15.24 - Cross Site Scripting (XSS) vulnerability	9 May 202411:03	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (May 6, 2024 to May 12, 2024)	16 May 202413:04	–	wordfence

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "form-maker",
    "product": "Form Maker by 10Web",
    "vendor": "10Web Form Builder Team",
    "versions": [
      {
        "changes": [
          {
            "at": "1.15.25",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "1.15.24",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/form-maker/wordpress-form-maker-by-10web-plugin-1-15-24-cross-site-scripting-xss-vulnerability

28 Apr 2026 16:09Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.15.9

EPSS0.00444

CWE-79