WordPress Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin <= 6.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin FluentForm versions = 6.2.1...

CVE-2026-25313

Missing Authorization vulnerability in Shahjahan Jewel FluentForm fluentform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a through = 6.1.14...

CVE-2026-25313

Missing Authorization vulnerability in Shahjahan Jewel FluentForm fluentform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a through = 6.1.14...

CVE-2026-25313 WordPress FluentForm plugin <= 6.1.14 - Broken Access Control vulnerability

Missing Authorization vulnerability in Shahjahan Jewel FluentForm fluentform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a through = 6.1.14...

CVE-2026-25313

Missing Authorization vulnerability in Shahjahan Jewel FluentForm fluentform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a through = 6.1.14...

CVE-2026-25313

CVE-2026-25313 relates to the WordPress FluentForm plugin (versions up to 6.1.14). The Red Hat/NVD entries describe a Missing Authorization vulnerability in FluentForm that allows exploitation through incorrectly configured access control security levels. The CVSS 3.1 metrics indicate a network a...

CVE-2026-25313 WordPress FluentForm plugin <= 6.1.14 - Broken Access Control vulnerability

Missing Authorization vulnerability in Shahjahan Jewel FluentForm fluentform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a through = 6.1.14...

WordPress plugin FluentForm 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-20684

Missing Authorization vulnerability in Shahjahan Jewel FluentForm fluentform allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentForm: from n/a through = 6.1.14...

WordPress FluentForm plugin <= 5.1.19 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Welcome Screen Fields vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting via Welcome Screen Fields vulnerability discovered by zer0gh0st in WordPress Plugin FluentForm versions = 5.1.19...

WordPress FluentForm plugin <= 5.1.19 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Joel Indra - Monarch Digital Indonesia in WordPress Plugin FluentForm versions = 5.1.19...

WordPress FluentForm plugin <= 6.1.14 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by benzdeus in WordPress Plugin FluentForm versions = 6.1.14...

CVE-2025-69001

Improper Control of Generation of Code 'Code Injection' vulnerability in Shahjahan Jewel FluentForm fluentform allows Code Injection.This issue affects FluentForm: from n/a through = 6.1.11...

CVE-2025-69001

Improper Control of Generation of Code 'Code Injection' vulnerability in Shahjahan Jewel FluentForm fluentform allows Code Injection.This issue affects FluentForm: from n/a through = 6.1.11...

CVE-2025-69001 WordPress FluentForm plugin <= 6.1.11 - Arbitrary Shortcode Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Shahjahan Jewel FluentForm fluentform allows Code Injection.This issue affects FluentForm: from n/a through = 6.1.11...

CVE-2025-69001

CVE-2025-69001 affects the WordPress plugin FluentForm (FluentForm/fluentform) up to version 6.1.11. The issue is an Improper Control of Generation of Code (Code Injection) that enables Arbitrary Shortcode Execution. Public sources (NVD/Red Hat/ CVE records) confirm the vulnerability and indicate...

CVE-2025-69001

Improper Control of Generation of Code 'Code Injection' vulnerability in Shahjahan Jewel FluentForm fluentform allows Code Injection.This issue affects FluentForm: from n/a through = 6.1.11...

CVE-2025-69001 WordPress FluentForm plugin <= 6.1.11 - Arbitrary Shortcode Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Shahjahan Jewel FluentForm fluentform allows Code Injection.This issue affects FluentForm: from n/a through = 6.1.11...

PT-2026-4118

Name of the Vulnerable Software and Affected Versions FluentForm versions through 6.1.11 Description A code injection issue exists in FluentForm. The issue involves improper control of code generation, potentially allowing for code injection. Recommendations Update FluentForm to a version later...

WordPress plugin FluentForm has a code injection vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...