CVE-2018-25346

WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the FormMakerSQLMapping and generetecsv actions. Attackers can submit POST requests with malicious SQL payloads in t...

EUVD-2018-21866

WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the FormMakerSQLMapping and generetecsv actions. Attackers can submit POST requests with malicious SQL payloads in t...

WordPress Form Maker by 10Web plugin <= 1.15.40 - Unauthenticated Stored Cross-Site Scripting via Matrix Field Text Box vulnerability

Unauthenticated Stored Cross-Site Scripting via Matrix Field Text Box vulnerability discovered by Naoya Takahashi nakko in WordPress Plugin Form Maker by 10Web versions = 1.15.40...

WordPress Form Maker plugin < 1.15.38 - SQL Injection vulnerability

SQL Injection vulnerability discovered by hiariz in WordPress Plugin Form Maker by 10Web versions 1.15.38...

WordPress Form Maker by 10Web plugin <= 1.15.38 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Form Maker by 10Web versions = 1.15.38...

WordPress Form Maker by 10Web plugin <= 1.15.35 - Unauthenticated Stored Cross-Site Scripting via SVG file vulnerability

Unauthenticated Stored Cross-Site Scripting via SVG file vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin Form Maker by 10Web versions = 1.15.35...

WordPress Form Maker by 10Web plugin < 1.15.33 - Admin+ Stored XSS via Theme Title vulnerability

Admin+ Stored XSS via Theme Title vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Form Maker by 10Web versions 1.15.33...

CVE-2025-48341 WordPress Form Maker by 10Web plugin <= 1.15.33 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 10Web Form Maker by 10Web form-maker allows Stored XSS.This issue affects Form Maker by 10Web: from n/a through = 1.15.33...

CVE-2025-48341 WordPress Form Maker by 10Web plugin <= 1.15.33 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 10Web Form Maker by 10Web form-maker allows Stored XSS.This issue affects Form Maker by 10Web: from n/a through = 1.15.33...

WordPress Form Maker by 10Web plugin < 1.15.33 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Form Maker by 10Web versions 1.15.33...

WordPress Form Maker by 10Web Plugin <= 1.15.30 is vulnerable to Cross Site Scripting (XSS)

Software Form Maker by 10Web Type Plugin Vulnerable versions = 1.15.30 Fixed in 1.15.31 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10265 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0450360afe6c Credits vgo0...

WordPress plugin Form Maker by 10Web 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress Form Maker plugin <= 1.15.27 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Joel Indra in WordPress Plugin Form Maker by 10Web versions = 1.15.27...

WordPress Form Maker by 10Web Plugin <= 1.15.27 is vulnerable to Cross Site Scripting (XSS)

Software Form Maker by 10Web Type Plugin Vulnerable versions = 1.15.27 Fixed in 1.15.28 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8633 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e9307003321a Credits Joel Indra...

WordPress Form Maker by 10Web plugin <= 1.15.26 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Form Maker by 10Web versions = 1.15.26...

WordPress Form Maker by 10Web Plugin <= 1.15.26 is vulnerable to Cross Site Scripting (XSS)

Software Form Maker by 10Web Type Plugin Vulnerable versions = 1.15.26 Fixed in 1.15.27 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43220 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 77f57c6e5d92 Credits Le Ngoc Anh Required...

WordPress Form Maker by 10Web Plugin < 1.15.26 is vulnerable to Cross Site Scripting (XSS)

Software Form Maker by 10Web Type Plugin Vulnerable versions 1.15.26 Fixed in 1.15.26 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6130 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID dde619aa3ea9 Credits Dmitrii Ignatyev...

WordPress Form Maker by 10Web plugin <= 1.15.24 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Huynh Tien Si Patchstack Alliance in WordPress Plugin Form Maker by 10Web versions = 1.15.24...

WordPress Form Maker by 10Web plugin <= 1.15.24 - Authenticated (Subscriber+) Stored Self-Based Cross-Site Scripting vulnerability

Authenticated Subscriber+ Stored Self-Based Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin Form Maker by 10Web versions = 1.15.24...

WordPress Form Maker by 10Web Plugin <= 1.15.24 is vulnerable to Cross Site Scripting (XSS)

Software Form Maker by 10Web Type Plugin Vulnerable versions = 1.15.24 Fixed in 1.15.25 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2258 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f1579731ad34 Credits stealthcopter...