Lucene search

Form Builder Security Vulnerabilities

cve

CVE-2017-6070

CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to execute PHP code via the cntnt01fbrp_forma_form_template parameter in admin_store_form.

9.8CVSS

9.6AI Score

0.009EPSS

2017-02-21 07:59 AM

cve

CVE-2017-6071

CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via exportxml.

5.3CVSS

5.4AI Score

0.002EPSS

2017-02-21 07:59 AM

cve

CVE-2017-6072

CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via defaultadmin.

5.3CVSS

5.4AI Score

0.002EPSS

2017-02-21 07:59 AM

cve

CVE-2021-24513

The Form Builder | Create Responsive Contact Forms WordPress plugin before 1.9.8.4 does not sanitise or escape its Form Title, allowing high privilege users such as admin to set Cross-Site Scripting payload in them, even when the unfiltered_html capability is disallowed

5.4CVSS

5.1AI Score

0.001EPSS

2021-09-06 11:15 AM

cve

CVE-2023-23795

Cross-Site Request Forgery (CSRF) vulnerability in Muneeb Form Builder plugin <= 1.9.9.0 versions.

8.8CVSS

8.8AI Score

0.001EPSS

2023-06-22 12:15 PM

cve

CVE-2023-23796

Improper Neutralization of Formula Elements in a CSV File vulnerability in Muneeb Form Builder | Create Responsive Contact Forms.This issue affects Form Builder | Create Responsive Contact Forms: from n/a through 1.9.9.0.

9.8CVSS

9.3AI Score

0.001EPSS

2023-11-07 04:15 PM