10 matches found
CVE-2025-69324
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows Stored XSS. This issue affects NEX-Forms: from n/a through = 9.1.7...
EUVD-2015-9292
Malware in sbrugna...
CVE-2024-9528
CVE-2024-9528: Stored Cross-Site Scripting in the WordPress plugin “Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder” (versions ≤ 5.1.19). Root cause: insufficient input sanitization and output escaping in form label fields, allowing an authenticated attacker...
CVE-2024-6703
The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘description’ and 'btntxt' parameters in all versions up to, and including, 5.1.19 due to insufficient input sanitization and output...
CVE-2024-6521
CVE-2024-6521 affects the WordPress plugin Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder. All versions up to 5.1.19 are vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. Exploitation requires Administrator...
CVE-2024-2771
The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the /wp-json/fluentform/v1/managers REST API endpoint in all versions up to, and including, 5.1.16. This makes ...
CVE-2024-4709 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘subject’ parameter in versions up to, and including, 5.1.16 due to insufficient input sanitization and output escaping. This makes i...
CVE-2024-2772 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.13 - Authenticated (Subscriber+) Stored Cross-Site Scripting
The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form settings in all versions up to, and including, 5.1.13 due to insufficient input sanitization and output escaping. This makes it...
CVE-2024-2782 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Setting Manipulation
The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the /wp-json/fluentform/v1/global-settings REST API endpoint in all versions up to, and including,...
SQL injection
The nex-forms-express-wp-form-builder plugin before 4.6.1 for WordPress has SQL injection via the wp-admin/admin.php?page=nex-forms-main nexformsId parameter...