Lucene search

Cformsii Security Vulnerabilities

cve

CVE-2014-10377

The cforms2 plugin before 13.2 for WordPress has XSS in lib_ajax.php.

6.1CVSS

6AI Score

0.001EPSS

2019-08-21 07:15 PM

cve

CVE-2014-10392

The cforms2 plugin before 10.2 for WordPress has XSS.

6.1CVSS

6.4AI Score

0.001EPSS

2019-08-22 07:15 PM

cve

CVE-2014-10393

The cforms2 plugin before 10.5 for WordPress has XSS.

6.1CVSS

6.4AI Score

0.001EPSS

2019-08-22 08:15 PM

cve

CVE-2014-9473

Unrestricted file upload vulnerability in lib_nonajax.php in the CformsII plugin 14.7 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension via the cf_uploadfile2[] parameter, then accessing the file via a direct request to the ...

8AI Score

0.039EPSS

2015-01-08 12:59 AM

cve

CVE-2015-9333

The cforms2 plugin before 14.6.10 for WordPress has SQL injection.

9.8CVSS

9.9AI Score

0.002EPSS

2019-08-22 01:15 PM

cve

CVE-2017-18559

The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues.

6.1CVSS

6.1AI Score

0.001EPSS

2019-08-21 07:15 PM

cve

CVE-2017-18570

The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries.

9.8CVSS

9.9AI Score

0.001EPSS

2019-08-22 01:15 PM

cve

CVE-2019-15238

The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field.

8.8CVSS

8.6AI Score

0.001EPSS

2019-08-20 03:15 PM

cve

CVE-2023-25449

Cross-Site Request Forgery (CSRF) vulnerability in Oliver Seidel, Bastian Germann cformsII plugin <= 15.0.4 versions.

8.8CVSS

8.8AI Score

0.001EPSS

2023-06-15 12:15 PM

cve

CVE-2023-52203

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Oliver Seidel, Bastian Germann cformsII allows Stored XSS.This issue affects cformsII: from n/a through 15.0.5.

5.9CVSS

5.4AI Score

0.0004EPSS

2024-01-08 08:15 PM