31 matches found
CVE-2015-9333
The cforms2 plugin before 14.6.10 for WordPress has SQL injection...
Sql injection
The cforms2 plugin before 14.6.10 for WordPress has SQL injection...
Sql injection
The cforms2 plugin before 14.13 for WordPress has SQL injection in the tracking DB GUI via Delete Entries or Download Entries...
CVE-2015-9333
The cforms2 plugin before 14.6.10 for WordPress has SQL injection...
CVE-2017-18559
The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues...
CVE-2017-18559
The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues...
Cross site scripting
The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues...
CVE-2014-10377
The cforms2 plugin before 13.2 for WordPress has XSS in libajax.php...
PT-2019-7053 · WordPress · Cforms2
Name of the Vulnerable Software and Affected Versions: cforms2 plugin versions prior to 13.2 Description: The issue concerns a cross-site scripting XSS problem in the lib ajax.php file of the cforms2 plugin for WordPress. Recommendations: For versions prior to 13.2, update to version 13.2 or late...
CVE-2019-15238
The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field...
CVE-2019-15238
The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the IP address field...