CVE-2025-32213

Missing Authorization vulnerability in flothemesplugins Flo Forms flo-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through = 1.0.43...

CVE-2025-32205

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in piotnetdotcom Piotnet Forms piotnetforms.This issue affects Piotnet Forms: from n/a through = 1.0.30...

CVE-2025-32213 WordPress Flo Forms plugin <= 1.0.43 - Broken Access Control vulnerability

Missing Authorization vulnerability in flothemesplugins Flo Forms flo-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through = 1.0.43...

CVE-2025-32213

CVE-2025-32213 (Flo Forms – Flo Forms plugin for WordPress) is a Missing Authorization vulnerability in Flo Forms

CVE-2025-32213 WordPress Flo Forms plugin <= 1.0.43 - Broken Access Control vulnerability

Missing Authorization vulnerability in flothemesplugins Flo Forms flo-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flo Forms: from n/a through = 1.0.43...

CVE-2025-32205

CVE-2025-32205 concerns Piotnet Forms. A path traversal issue affects Piotnet Forms versions from any earlier release up to 1.0.30. The vulnerability is currently listed as Unpatched in Wordfence/related sources, with a CVSS v3.1 base score of 2.7 (LOW). No exploitation details are provided in th...

CVE-2025-32205 WordPress Piotnet Forms plugin <= 1.0.30 - Path Traversal vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in piotnetdotcom Piotnet Forms piotnetforms.This issue affects Piotnet Forms: from n/a through = 1.0.30...

WordPress plugin Piotnet Forms 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

WordPress plugin Payment Forms for Paystack 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2025-15946 · Flo Forms · Flo Forms

Name of the Vulnerable Software and Affected Versions: Flo Forms versions 1.0.43 and earlier Description: The issue is related to a Missing Authorization vulnerability, allowing the exploitation of incorrectly configured access control security levels. This enables unauthorized access control...

WordPress plugin Flo Forms 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

Wapiti Web Application Vulnerability Scanner 3.2.4

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities...

WordPress Payment Forms for Paystack plugin <= 4.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Payment Forms for Paystack versions = 4.0.2...

CVE-2025-32692

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows PHP Local File Inclusion.This issue affects WP Subscription Forms: from n/a through = 1.2.4...

CVE-2025-32667

Cross-Site Request Forgery CSRF vulnerability in fromdoppler Doppler Forms doppler-form allows Stored XSS.This issue affects Doppler Forms: from n/a through = 2.5.1...

CVE-2025-32667 WordPress Doppler Forms plugin <= 2.4.5 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in fromdoppler Doppler Forms allows Stored XSS. This issue affects Doppler Forms: from n/a through 2.4.5...

CVE-2025-32667 WordPress Doppler Forms plugin <= 2.5.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in fromdoppler Doppler Forms doppler-form allows Stored XSS.This issue affects Doppler Forms: from n/a through = 2.5.1...

CVE-2025-32667

CVE-2025-32667 describes a CSRF to Stored XSS in Doppler Forms (WordPress plugin) affecting Doppler Forms versions up to 2.4.5 (from n/a to 2.4.5). Connected document confirms the issue and impact but does not provide a published fix version or remediation steps. Technical details such as affecte...

CVE-2025-32692 WordPress WP Subscription Forms plugin <= 1.2.4 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Shuffle WP Subscription Forms wp-subscription-forms allows PHP Local File Inclusion.This issue affects WP Subscription Forms: from n/a through = 1.2.4...

CVE-2025-32692

CVE-2025-32692: WP Subscription Forms (WordPress) =1.2.4) or apply vendor fix; monitor for advisories.