6 matches found
CVE-2024-3053
The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ forminatorform shortcode attribute in versions up to, and including, 1.29.2 due to insufficient input sanitization and output escaping. This makes it...
WordPress Forminator Plugin <= 1.35.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Forminator; Type: Plugin; Vulnerable versions: <= 1.35.1; Fixed in: 1.36.0; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-9352; Patch priority: Low; CVSS severity: Low (4.3); Developer: WPMU DEV; PSID: 2a09c8737b42; Credits: Vijaysimha Reddy vijaysimha...
WordPress Forminator Plugin <= 1.29.2 is vulnerable to Cross Site Scripting (XSS)
Software: Forminator; Type: Plugin; Vulnerable versions: <= 1.29.2; Fixed in: 1.29.3; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-3053; Patch priority: Low; CVSS severity: Low (6.5); Developer: WPMU DEV; PSID: 65d61e38cc9c; Credits: wesley wcraft; Required privilege...
WordPress Forminator Plugin <= 1.29.0 is vulnerable to Cross Site Scripting (XSS)
Software: Forminator; Type: Plugin; Vulnerable versions: <= 1.29.0; Fixed in: 1.29.1; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-1794; Patch priority: Medium; CVSS severity: Medium (7.1); Developer: WPMU DEV; PSID: adc117fb9f27; Credits: wesley wcraft; Required...
WordPress Forminator Plugin <= 1.29.0 is vulnerable to Cross Site Scripting (XSS)
Software: Forminator; Type: Plugin; Vulnerable versions: <= 1.29.0; Fixed in: 1.29.1; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-29777; Patch priority: Medium; CVSS severity: Medium (7.1); Developer: WPMU DEV; PSID: 4c3587917921; Credits: Rafie Muhammad Patchstack; Required privile...
WordPress Forminator Plugin <= 1.27.0 is vulnerable to Arbitrary File Upload
Software: Forminator; Type: Plugin; Vulnerable versions: <= 1.27.0; Fixed in: 1.28.0; OWASP Top 10: A1: Injection; Classification: Arbitrary File Upload; CVE: CVE-2023-6133; Patch priority: Low; CVSS severity: Low (6.6); Developer: WPMU DEV; PSID: e543496c8db2; Credits: István Márton; Required privilege: Administrator...