WordPress Plugin Formidable Forms Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Formidable Forms Plugin <= 6.7 is vulnerable to Cross Site Scripting (XSS)

Software Formidable Forms Type Plugin Vulnerable versions = 6.7 Fixed in 6.7.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6842 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9bd3f7b9f18e Credits drop Required privilege...

CVE-2023-52203

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Oliver Seidel, Bastian Germann cformsII allows Stored XSS.This issue affects cformsII: from n/a through 15.0.5...

CVE-2023-52208

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Constant Contact Constant Contact Forms.This issue affects Constant Contact Forms: from n/a through 2.4.2...

Code injection

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Constant Contact Constant Contact Forms.This issue affects Constant Contact Forms: from n/a through 2.4.2...

CVE-2023-52208 WordPress Constant Contact Forms Plugin <= 2.4.2 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Constant Contact Constant Contact Forms.This issue affects Constant Contact Forms: from n/a through 2.4.2...

CVE-2023-52208 WordPress Constant Contact Forms Plugin <= 2.4.2 is vulnerable to Sensitive Data Exposure

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Constant Contact Constant Contact Forms.This issue affects Constant Contact Forms: from n/a through 2.4.2...

WordPress Plugin Constant Contact Forms Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2024-14474 · Unknown · Constant Contact Forms

Name of the Vulnerable Software and Affected Versions: Constant Contact Forms versions through 2.4.2 Description: The issue is related to the exposure of sensitive information to an unauthorized actor. This is a problem where sensitive data is made accessible to individuals who should not have...

PT-2024-15103 · WordPress · Formidable Forms

Name of the Vulnerable Software and Affected Versions: Formidable Forms plugin for WordPress versions up to, and including, 6.7 Description: The Formidable Forms plugin for WordPress is vulnerable to HTML injection. This issue allows unauthenticated users to inject arbitrary HTML code into form...

PT-2024-15106 · WordPress · Formidable Forms

Name of the Vulnerable Software and Affected Versions: Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress versions up to 6.7 Description: The issue is related to Stored Cross-Site Scripting via the name field label and description...

CVE-2023-52120

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.2...

CVE-2023-52120

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.2...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.2...

CVE-2023-52120 WordPress NEX-Forms – Ultimate Form Builder Plugin <= 8.5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.2...

CVE-2023-52120 WordPress NEX-Forms – Ultimate Form Builder Plugin <= 8.5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Basix NEX-Forms – Ultimate Form Builder – Contact forms and much more.This issue affects NEX-Forms – Ultimate Form Builder – Contact forms and much more: from n/a through 8.5.2...

CVE-2023-52120

Technical details for CVE-2023-52120 are not provided in the supplied documents. No product/version/impact specifics are available here; monitor for official advisories and updates.

HTML Forms < 1.3.30 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

Everest Forms < 2.0.5 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress Plugin NEX-Forms Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...