Formbuilder Security Vulnerabilities and Issues — Formbuilder CVE List

Formbuilder ProjectFormbuilder

3 matches found

CVE•added 2022/04/04 3:35 p.m.•72 views

CVE-2022-0830

The CVE-2022-0830 entry describes a CSRF/XS S vulnerability in the WordPress FormBuilder plugin (<= 1.08). The plugin fails CSRF checks when creating/updating/deleting forms and does not sanitize/escape form field values, enabling an authenticated attacker to cause a logged-in admin to update/...

6.5CVSS6.2AI score0.00103EPSS

Web

CVE•added 2019/08/21 5:47 p.m.•37 views

CVE-2016-10910

The CVE-2016-10910 refers to the WordPress FormBuilder plugin. Affected component: FormBuilder plugin before version 1.06 for WordPress. Description in sources: multiple cross-site scripting (XSS) issues. Practical impact stated: client-side code execution via XSS; exploitation details are not pr...

6.1CVSS6.1AI score0.0019EPSS

CVE•added 2019/08/21 5:46 p.m.•31 views

CVE-2012-6715

CVE-2012-6715 concerns the WordPress Formbuilder plugin, affected versions before 0.9.1. The vulnerability is a stored/reflective XSS via the Referer header, enabling execution of malicious client-side scripts. Documented impact is cross-site scripting; exploitation details beyond this risk descr...

6.1CVSS6AI score0.0019EPSS