CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

305 matches found

Positive Technologies•added 2026/03/10 12:0 a.m.•2 views

PT-2026-24196

Name of the Vulnerable Software and Affected Versions MetForm Pro plugin for WordPress versions through 3.9.6 Description The MetForm Pro plugin for WordPress is susceptible to Stored Cross-Site Scripting through the Quiz feature. Insufficient input sanitization and output escaping allow...

7.2CVSS6AI score0.00139EPSS

Exploits0References10

Patchstack•added 2026/01/26 6:57 a.m.•5 views

WordPress MetForm - Contact Form, Survey, Quiz, & Custom Form Builder for Elementor plugin <= 4.1.0 - Unauthenticated Form Submission Exposure via Forgeable Cookie Value vulnerability

WordPress MetForm - Contact Form, Survey, Quiz, & Custom Form Builder for Elementor plugin = 4.1.0 - Unauthenticated Form Submission Exposure via Forgeable Cookie Value vulnerability discovered by type5afe in WordPress Plugin Metform versions = 4.1.0...

3.7CVSS5.9AI score0.0007EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2026/01/25 9:16 a.m.•5 views

CVE-2026-0633

The MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.1.0. This is due to the use of a forgeable cookie value derived only from the entry ID and current user ID without...

3.7CVSS5.5AI score0.0007EPSS

Exploits0References1

NVD•added 2026/01/24 9:15 a.m.•4 views

CVE-2026-0633

3.7CVSS0.0007EPSS

Exploits0References2

Vulnrichment•added 2026/01/24 8:26 a.m.•3 views

CVE-2026-0633 MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 4.1.0 - Unauthenticated Form Submission Exposure via Forgeable Cookie Value

3.7CVSS5.9AI score0.0007EPSS

Exploits0References2

CVE•added 2026/01/24 8:26 a.m.•15 views

CVE-2026-0633

MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor (WordPress)

3.7CVSS5.5AI score0.0007EPSS

Exploits0References2

Cvelist•added 2026/01/24 8:26 a.m.•26 views

CVE-2026-0633 MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 4.1.0 - Unauthenticated Form Submission Exposure via Forgeable Cookie Value

3.7CVSS0.0007EPSS

Exploits0References2

ATTACKERKB•added 2026/01/24 8:26 a.m.•3 views

CVE-2026-0633

3.7CVSS5.9AI score0.0007EPSS

Exploits0References3

Positive Technologies•added 2026/01/24 12:0 a.m.•2 views

PT-2026-4593

3.7CVSS5.5AI score0.0007EPSS

Exploits0References3

CNNVD•added 2026/01/24 12:0 a.m.•4 views

WordPress plugin MetForm has a licensing issue vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

3.7CVSS5.8AI score0.0007EPSS

Exploits0References3

Patchstack•added 2026/01/12 3:14 p.m.•3 views

WordPress MetForm Pro plugin <= 3.9.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin MetForm Pro versions = 3.9.1...

5.4AI score

Exploits0Affected Software1

NVD•added 2026/01/07 12:16 p.m.•1 views

CVE-2025-14059

The EmailKit plugin for WordPress is vulnerable to Arbitrary File Read via Path Traversal in all versions up to, and including, 1.6.1. This is due to missing path validation in the createtemplate REST API endpoint where user-controlled input from the emailkit-editor-template parameter is passed...

6.5CVSS0.00033EPSS

Exploits0References3