CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Missing Authorization vulnerability in flothemesplugins Flo Forms flo-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through = 1.0.41...

4.3CVSS7.3AI score0.00134EPSS

Exploits0References1

NVD•added 2025/01/02 12:15 p.m.•3 views

CVE-2023-47692

4.3CVSS0.00134EPSS

Exploits0References1

NVD•added 2024/05/17 11:15 a.m.•7 views

CVE-2024-35174

Missing Authorization vulnerability in Flothemes Flo Forms.This issue affects Flo Forms: from n/a through 1.0.42...

5.3CVSS5.8AI score0.00155EPSS

Exploits0References1

CVE•added 2024/05/17 10:18 a.m.•58 views

CVE-2024-35174

CVE-2024-35174 is a Missing Authorization vulnerability in the Flo Forms plugin for WordPress, affecting Flo Forms versions up to 1.0.42. The root cause, per sources, is broken access control that permits unauthorized access to Flo Forms data; exploitation details are not provided in the document...

5.3CVSS6.3AI score0.00155EPSS

Exploits0References1

Positive Technologies•added 2024/05/17 12:0 a.m.•3 views

PT-2024-26356 · Flothemes · Flo Forms

Name of the Vulnerable Software and Affected Versions: Flo Forms versions 1.0.42 and earlier Description: The issue is related to a Missing Authorization vulnerability in Flothemes Flo Forms. Recommendations: For versions 1.0.42 and earlier, update to a version later than 1.0.42 to resolve the...

5.3CVSS7.1AI score0.00155EPSS

Exploits0References4

NVD•added 2023/06/20 2:15 p.m.•13 views

CVE-2023-35095

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Flothemes Flo Forms – Easy Drag & Drop Form Builder plugin = 1.0.40 versions...

5.9CVSS5.4AI score0.0008EPSS

Exploits0References1

OSV•added 2023/06/20 2:15 p.m.•1 views

CVE-2023-35095

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Flothemes Flo Forms – Easy Drag & Drop Form Builder plugin = 1.0.40 versions...

4.8CVSS7.3AI score

Exploits0References1

Prion•added 2023/06/20 2:15 p.m.•13 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Flothemes Flo Forms – Easy Drag & Drop Form Builder plugin = 1.0.40 versions...

4.3CVSS4.8AI score0.0008EPSS

Exploits0References1Affected Software1

CVE•added 2023/06/20 1:30 p.m.•37 views

CVE-2023-35095

CVE-2023-35095 affects the WordPress plugin Flo Forms – Easy Drag & Drop Form Builder (Flothemes) up to version 1.0.40. The vulnerability is an authenticated (admin+) Stored Cross‑Site Scripting (XSS) flaw in Flo Forms, requiring admin privileges to exploit. The issue is grounded in the plugin’s ...

5.9CVSS5.1AI score0.0008EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2023/06/20 12:0 a.m.•2 views

PT-2023-25144 · Flothemes · The Flo Forms – Easy Drag & Drop Form Builder

Name of the Vulnerable Software and Affected Versions: Flothemes Flo Forms – Easy Drag & Drop Form Builder plugin versions 1.0.40 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. This vulnerabilit...

5.9CVSS5.2AI score0.0008EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by