CVE-2025-62758 WordPress Funnelforms Free plugin <= 3.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Funnelforms Funnelforms Free funnelforms-free allows DOM-Based XSS.This issue affects Funnelforms Free: from n/a through = 3.8...

WordPress Funnelforms Free Missing License Vulnerability

Funnelforms Free is a free plugin that focuses on helping webmasters increase conversions through multi-step forms and contact forms. WordPress Funnelforms Free suffers from a lack of authorization vulnerability, which can be exploited by an attacker to perform an unauthorized operation via a...

WordPress Funnelforms Free Plugin <= 3.7.3.2 is vulnerable to Broken Access Control

Software Funnelforms Free Type Plugin Vulnerable versions = 3.7.3.2 Fixed in 3.7.4.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-7447 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 87b385c8e3d6 Credits Lucio Sá Required privile...

WordPress Funnelforms Free Plugin <= 3.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Funnelforms Free Type Plugin Vulnerable versions = 3.4 Fixed in 3.4.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5382 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f05b14250614 Credits Duc Manh Required...

WordPress Funnelforms Free Plugin <= 3.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Funnelforms Free Type Plugin Vulnerable versions = 3.4 Fixed in 3.4.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-5383 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 647c8d609a9c Credits Duc Manh Required...

WordPress Funnelforms Free Plugin <= 3.4 is vulnerable to Broken Access Control

Software Funnelforms Free Type Plugin Vulnerable versions = 3.4 Fixed in 3.4.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-5385 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID dbef4dc9af18 Credits WordFence Required privilege...

WordPress Funnelforms Free Plugin < 3.4 is vulnerable to Cross Site Scripting (XSS)

Software Funnelforms Free Type Plugin Vulnerable versions 3.4 Fixed in 3.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a66c581b7251 Credits Unknown Required privilege...

WordPress Funnelforms Free Plugin < 3.3.8.5 is vulnerable to Cross Site Scripting (XSS)

Software Funnelforms Free Type Plugin Vulnerable versions 3.3.8.5 Fixed in 3.3.8.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8ac7f31605d7 Credits Rafie Muhammad Patchstack...