Lucene search
K
ReputeinfosystemsArforms Form Builder

6 matches found

CVE
CVE
added 2024/01/11 8:32 a.m.79 views

CVE-2023-6828

CVE-2023-6828 concerns the ARForms Form Builder WordPress plugin. The WordPress ARForms plugin is vulnerable to Stored Cross-Site Scripting via the arf_http_referrer_url parameter in all versions up to and including 1.5.8, due to insufficient input sanitization and output escaping. The vulnerabil...

7.2CVSS5.9AI score0.00374EPSS
CVE
CVE
added 2024/05/08 1:25 p.m.62 views

CVE-2024-31270

CVE-2024-31270 is a Missing Authorization vulnerability in Repute InfoSystems ARForms Form Builder (WordPress plugin). Affected: ARForms Form Builder up to version 1.6.1. Root cause: missing authorization allows unauthorized access. Impact: as described in sources, includes missing access control...

8CVSS8.6AI score0.00361EPSS
CVE
CVE
added 2023/04/18 12:11 p.m.61 views

CVE-2022-45838

The CVE refers to an unauthenticated stored cross-site scripting (XSS) vulnerability in the Repute InfoSystems ARForms Form Builder plugin for WordPress, versioned at or below 1.5.5 (with some sources citing <= 1.5.5 and patches mentioning <= 1.5.4). Root cause is an XSS flaw that can be ex...

6.1CVSS5.8AI score0.00406EPSS
CVE
CVE
added 2024/12/09 11:31 a.m.61 views

CVE-2024-54223

CVE-2024-54223 is a documented HTML/Script-injection vulnerability in the ARForms Form Builder for WordPress (Contact Form - Repute InfoSystems). The issue is described as an improper neutralization of script-related HTML tags in a web page, resulting in a Basic XSS and potential code injection. ...

6.1CVSS7.3AI score0.00324EPSS
CVE
CVE
added 2024/04/12 12:38 p.m.52 views

CVE-2024-31272

ARForms Form Builder (WordPress plugin) has a CSRF vulnerability affecting versions up to 1.6.1. The connected sources confirm the issue and affected range, but do not provide a publicly documented fix/version to remediate within the provided documents.

6.3CVSS8.5AI score0.00184EPSS
CVE
CVE
added 2024/07/20 8:58 a.m.40 views

CVE-2024-37920

CVE-2024-37920 (ARForms Form Builder) is a Reflected XSS in ARForms Form Builder for WordPress, affecting 1.6.7 and earlier. The issue arises from improper input neutralization during web page generation, enabling reflected scripts. The Red Hat/NVD entries confirm the vulnerability details and ma...

7.1CVSS7AI score0.00327EPSS