CVE-2025-46250 WordPress VForm <= 3.1.14 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vikas Ratudi VForm allows Stored XSS. This issue affects VForm: from n/a through 3.1.14...

CVE-2025-30778 WordPress VForm plugin <= 3.1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vikas Ratudi VPSUForm v-form allows Reflected XSS.This issue affects VPSUForm: from n/a through = 3.1.9...

CVE-2025-30778

CVE-2025-30778 is a reflected XSS in the WordPress plugin Lifetime free Drag & Drop Contact Form Builder for WordPress VForm . The vulnerability arises from improper neutralization of input during web page generation, enabling an attacker to inject malicious scripts via crafted input that is refl...

CVE-2025-30778 WordPress VForm plugin <= 3.1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vikas Ratudi VPSUForm v-form allows Reflected XSS.This issue affects VPSUForm: from n/a through = 3.1.9...

WordPress VForm Plugin <= 2.1.5 is vulnerable to Cross Site Scripting (XSS)

Software VForm Type Plugin Vulnerable versions = 2.1.5 Fixed in 2.1.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6770 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 84552ffa98ca Credits Artem Polynko Artem Polynko...