PT-2025-21449 · WordPress · The Form Maker

Name of the Vulnerable Software and Affected Versions: The Form Maker by 10Web WordPress plugin versions prior to 1.15.33 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible even when the unfiltered html capability i...

PT-2025-1594 · 10Web · The Form Maker

Name of the Vulnerable Software and Affected Versions: The Form Maker by 10Web WordPress plugin versions prior to 1.15.31 Description: The issue allows high privilege users, such as admin, to perform Stored Cross-Site Scripting attacks even when the unfiltered html capability is disallowed, for...

PT-2024-39147 · 10Web · The Form Maker

Name of the Vulnerable Software and Affected Versions: The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress versions up to, and including, 1.15.27 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and...

PT-2024-37406 · 10Web · The Form Maker

Name of the Vulnerable Software and Affected Versions: The Form Maker by 10Web WordPress plugin versions prior to 1.15.26 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because some settings are not properly...