CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

347 matches found

Positive Technologies•added 2024/11/21 12:0 a.m.•2 views

PT-2024-39830 · WordPress · Formidable Forms

Name of the Vulnerable Software and Affected Versions: Formidable Forms WordPress plugin versions prior to 6.14.1 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is...

4.8CVSS5.9AI score0.00418EPSS

Exploits1References5

CVE•added 2024/11/18 9:54 p.m.•46 views

CVE-2024-52347

CVE-2024-52347 is a stored XSS vulnerability described as Improper Neutralization of Input During Web Page Generation in the WordPress plugin/theme stack “Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera” (affected from n/a to 4.0). The issue arises from inadequate input ne...

6.5CVSS7.3AI score0.00217EPSS

Exploits0References1

Cvelist•added 2024/11/18 9:54 p.m.•23 views

CVE-2024-52347 WordPress Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera plugin <= 4.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpwebsitecreator Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera wp-website-creator allows Stored XSS.This issue affects Website remote Install vor Gravity, WPForms,...

6.5CVSS0.00217EPSS

Exploits0References1

CNNVD•added 2024/11/18 12:0 a.m.•2 views

WordPress plugin Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that allows you to set up a personal blog site on a PHP and MySQL server. WordPress plugin Website remote Install vor Gravity, WPForms,...

6.5CVSS7.5AI score0.00217EPSS

Exploits0References1

Patchstack•added 2024/11/08 6:12 p.m.•2 views

WordPress Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera plugin <= 4.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera versions = 4.0...

6.5CVSS6.2AI score0.00217EPSS

Exploits0Affected Software1

Patchstack•added 2024/11/08 12:0 a.m.•12 views

WordPress Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera Plugin <= 4.0 is vulnerable to Cross Site Scripting (XSS)

Software Website remote Install vor Gravity, WPForms, Formidable, Ninja, Caldera Type Plugin Vulnerable versions = 4.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52347 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID...

6.5CVSS7AI score0.00217EPSS

Exploits0References1Affected Software1

NVD•added 2024/10/16 8:15 a.m.•15 views

CVE-2017-20194

The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.05.03 via the frmformspreview AJAX action. This makes it possible for unauthenticated attackers to export all of the form entries for a given form...

5.3CVSS0.01098EPSS

Exploits1References2

Cvelist•added 2024/10/16 7:31 a.m.•17 views

CVE-2017-20194 Formidable Form Builder < 2.05.03 - Unauthenticated Information Disclosure

5.3CVSS0.01098EPSS

Exploits1References2

CVE•added 2024/10/16 7:31 a.m.•49 views

CVE-2017-20194

CVE-2017-20194 affects Formidable Form Builder for WordPress. The vulnerability is an unauthenticated information disclosure via the frm_forms_preview AJAX action in versions up to 2.05.03, allowing retrieval/export of all form entries for a given form. Impact is sensitive data exposure; no explo...

5.3CVSS5.2AI score0.01098EPSS

Exploits1References2Affected Software1

OSV•added 2024/10/16 7:15 a.m.•2 views

CVE-2017-20192

The Formidable Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters submitted during form entries like 'afterhtml' in versions before 2.05.03 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...

6.1CVSS5.9AI score

Exploits0References3

Cvelist•added 2024/10/16 6:43 a.m.•27 views

CVE-2017-20192 Formidable Form Builder < 2.05.03 - Unauthenticated Stored Cross-Site Scripting

8.3CVSS0.00999EPSS

Exploits2References3

Vulnrichment•added 2024/10/16 6:43 a.m.•14 views

CVE-2017-20192 Formidable Form Builder < 2.05.03 - Unauthenticated Stored Cross-Site Scripting

8.3CVSS6.3AI score0.00999EPSS

Exploits2References3

Positive Technologies•added 2024/10/16 12:0 a.m.•2 views

PT-2024-10603 · WordPress · Formidable Form Builder

Name of the Vulnerable Software and Affected Versions: Formidable Form Builder plugin for WordPress versions up to, and including, 2.05.03 Description: The issue allows unauthenticated attackers to export all form entries for a given form via the frm forms preview AJAX action. This enables the...

5.3CVSS7.3AI score0.01098EPSS

Exploits1References6

Positive Technologies•added 2024/10/16 12:0 a.m.•8 views

PT-2024-10601

Name of the Vulnerable Software and Affected Versions Formidable Form Builder plugin for WordPress versions prior to 2.05.03 Description The issue allows unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser due to insufficient input sanitization and output...

8.3CVSS5.8AI score0.00999EPSS

Exploits2References7

CNNVD•added 2024/10/16 12:0 a.m.•7 views

WordPress plugin Formidable Form Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

8.3CVSS6AI score0.00999EPSS

Exploits2References5

CNNVD•added 2024/10/16 12:0 a.m.•2 views

WordPress plugin Formidable Form Builder 信息泄露漏洞

5.3CVSS6.1AI score0.01098EPSS

Exploits1References2

VulnCheck KEV•added 2024/10/15 12:0 a.m.•2 views

VulnCheck KEV: CVE-2017-20192

8.3CVSS5.8AI score0.00999EPSS

Exploits2References1

VulnCheck KEV•added 2024/10/15 12:0 a.m.•1 views

VulnCheck KEV: CVE-2017-20194

5.3CVSS5.8AI score0.01098EPSS

Exploits1References1

OSV•added 2024/07/31 11:15 a.m.•2 views

CVE-2024-6725

The Formidable Forms – Contact Form Plugin, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘html’ parameter in all versions up to, and including, 6.11.1 due to insufficient input sanitization and output...

5.4CVSS5.9AI score0.00352EPSS

Exploits0References3

NVD•added 2024/07/31 11:15 a.m.•19 views

CVE-2024-6725

5.4CVSS0.00352EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by