Lucene search
+L

273 matches found

Patchstack
Patchstack
added 2025/03/21 9:9 p.m.7 views

WordPress Fluent Forms plugin <= 5.2.12 - IP-Spoofing vulnerability

IP-Spoofing vulnerability discovered by shaman0x01 in WordPress Plugin FluentForm versions = 5.2.12...

5.3CVSS8.9AI score0.00268EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/03/05 2:59 p.m.8 views

CVE-2025-23904

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rebrandpress Rebrand Fluent Forms rebrand-fluent-forms allows Reflected XSS.This issue affects Rebrand Fluent Forms: from n/a through = 1.0...

7.1CVSS5.9AI score0.00363EPSS
Exploits0References1
NVD
NVD
added 2025/03/03 2:15 p.m.7 views

CVE-2025-23904

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rebrandpress Rebrand Fluent Forms rebrand-fluent-forms allows Reflected XSS.This issue affects Rebrand Fluent Forms: from n/a through = 1.0...

7.1CVSS0.00363EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/03 1:30 p.m.15 views

CVE-2025-23904 WordPress Rebrand Fluent Forms Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rebrandpress Rebrand Fluent Forms rebrand-fluent-forms allows Reflected XSS.This issue affects Rebrand Fluent Forms: from n/a through = 1.0...

7.1CVSS0.00363EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/03 1:30 p.m.4 views

CVE-2025-23904 WordPress Rebrand Fluent Forms Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in rebrandpress Rebrand Fluent Forms rebrand-fluent-forms allows Reflected XSS.This issue affects Rebrand Fluent Forms: from n/a through = 1.0...

7.1CVSS5.9AI score0.00363EPSS
Exploits0References1
CVE
CVE
added 2025/03/03 1:30 p.m.57 views

CVE-2025-23904

CVE-2025-23904 concerns the WordPress/Rebrand Fluent Forms plugin (versions

7.1CVSS5.9AI score0.00363EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/03 12:0 a.m.3 views

WordPress plugin Rebrand Fluent Forms 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

7.1CVSS5.9AI score0.00363EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/05 2:11 a.m.11 views

CVE-2024-2782

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wp-json/fluentform/v1/global-settings REST API endpoint in all versions up to, and including,...

7.5CVSS6.6AI score0.0123EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:11 a.m.32 views

CVE-2024-4157

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.1.15 via deserialization of untrusted input in the extractDynamicValues function. This makes it possible for...

9.8CVSS9.4AI score0.02333EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:3 a.m.19 views

CVE-2024-4709

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘subject’ parameter in versions up to, and including, 5.1.16 due to insufficient input sanitization and output escaping. This makes i...

7.2CVSS5.8AI score0.00387EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/16 6:42 p.m.5 views

WordPress Rebrand Fluent Forms Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Rebrand Fluent Forms versions = 1.0...

7.1CVSS6.1AI score0.00363EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/12/14 6:15 a.m.4 views

CVE-2024-10646

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form's subject parameter in all versions up to, and including, 5.2.6 due to insufficient input sanitization and output escaping. This...

6.1CVSS6AI score0.00347EPSS
Exploits0References3
NVD
NVD
added 2024/12/14 6:15 a.m.28 views

CVE-2024-10646

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form's subject parameter in all versions up to, and including, 5.2.6 due to insufficient input sanitization and output escaping. This...

7.2CVSS0.00347EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/14 5:34 a.m.44 views

CVE-2024-10646 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.2.6 - Unauthenticated Stored Cross-Site Scripting via Form Subject

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form's subject parameter in all versions up to, and including, 5.2.6 due to insufficient input sanitization and output escaping. This...

7.2CVSS0.00347EPSS
Exploits0References3
CVE
CVE
added 2024/12/14 5:34 a.m.79 views

CVE-2024-10646

CVE-2024-10646 relates to the WordPress plugin Fluent Forms – Contact Forms, Survey & Form Builder . The vulnerability is a Stored Cross-Site Scripting (XSS) in the form’s subject parameter, exploitable in all versions up to 5.2.6 due to insufficient input sanitization and output escaping. The im...

7.2CVSS6.3AI score0.00347EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/14 5:34 a.m.18 views

CVE-2024-10646 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.2.6 - Unauthenticated Stored Cross-Site Scripting via Form Subject

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form's subject parameter in all versions up to, and including, 5.2.6 due to insufficient input sanitization and output escaping. This...

7.2CVSS6AI score0.00347EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/14 12:0 a.m.7 views

PT-2024-16428 · Fluent Forms · Contact Form Plugin By Fluent Forms

Name of the Vulnerable Software and Affected Versions: Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder versions prior to 5.2.6 Description: The issue is related to Stored Cross-Site Scripting via the form's subject parameter due to insufficient input...

7.2CVSS6.5AI score0.00347EPSS
Exploits0References16
Vulnrichment
Vulnrichment
added 2024/12/13 2:24 p.m.14 views

CVE-2023-41952 WordPress Fluent Forms plugin <= 5.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Shahjahan Jewel FluentForm fluentform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a through = 5.0.8...

5.3CVSS7.3AI score0.00461EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/12/09 6:32 a.m.5 views

WordPress Fluent Forms plugin < 5.2.1 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin FluentForm versions 5.2.1...

6.1CVSS6.1AI score0.00357EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/12/09 6:15 a.m.3 views

CVE-2024-9651

The Fluent Forms WordPress plugin before 5.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

6.1CVSS7.3AI score0.00357EPSS
Exploits1References1
Rows per page
Query Builder