Lucene search
K
Strategy11Formidable Form Builder

9 matches found

CVE
CVE
added 2023/03/27 3:37 p.m.103 views

CVE-2023-0816

CVE-2023-0816 affects the WordPress plugin Formidable Forms (before 6.1). The vulnerability arises from using several potentially untrusted HTTP headers to determine the client IP address, enabling IP address spoofing and bypass of anti-spam protections. Affected versions: Formidable Forms

6.5CVSS6.4AI score0.00498EPSS
CVE
CVE
added 2023/02/28 1:35 p.m.81 views

CVE-2023-24419

CVE-2023-24419 affects the WordPress Formidable Forms plugin (

8.8CVSS7.9AI score0.00264EPSS
CVE
CVE
added 2021/10/25 1:20 p.m.71 views

CVE-2021-24884

The CVE-2021-24884 entry concerns the WordPress Formidable Form Builder plugin prior to version 4.09.05. Multiple connected sources confirm a stored XSS/HTML-injection vulnerability stemming from insufficient sanitization of the data-frmverify tag in links on the web-based entry inspection page, ...

9.6CVSS9.7AI score0.03084EPSS
CVE
CVE
added 2024/10/16 6:43 a.m.67 views

CVE-2017-20192

CVE-2017-20192 affects Formidable Form Builder for WordPress prior to 2.05.03. The root cause is insufficient input sanitization and output escaping in form parameters (notably after_html), enabling Stored Cross-Site Scripting where unauthenticated attackers can inject scripts into victims’ brows...

8.3CVSS7.2AI score0.00999EPSS
CVE
CVE
added 2019/08/29 11:55 a.m.66 views

CVE-2019-15780

The CVE concerns the WordPress Formidable Form Builder plugin. Affected: Formidable Form Builder plugin for WordPress prior to version 4.02.01. Root cause: unsafe deserialization in the plugin. Impact: high/critical severity indicators in multiple references (CVSS up to 9.8 in some data) with rem...

9.8CVSS9.5AI score0.02389EPSS
CVE
CVE
added 2021/10/25 1:20 p.m.60 views

CVE-2021-24608

The CVE-2021-24608 entry concerns the WordPress plugin Formidable Form Builder – Contact Form, Survey & Quiz Forms, prior to version 5.0.07. Affected component: form labels in the plugin’s admin/form UI. Root cause: the plugin does not sanitize/escape form labels, enabling cross-site scripting (X...

4.8CVSS4.6AI score0.00654EPSS
CVE
CVE
added 2024/01/09 6:41 a.m.60 views

CVE-2023-6842

The CVE-2023-6842 entry concerns Formidable Forms for WordPress, where Stored Cross-Site Scripting is possible via the name and description field labels in all versions up to 6.7. Root cause: insufficient input sanitization and output escaping. Impact: authenticated attackers with administrator-l...

4.8CVSS5.1AI score0.00316EPSS
CVE
CVE
added 2024/01/09 6:41 a.m.57 views

CVE-2023-6830

CVE-2023-6830 affects the WordPress plugin Formidable Forms (

6.5CVSS6.9AI score0.00393EPSS
CVE
CVE
added 2024/10/16 7:31 a.m.56 views

CVE-2017-20194

CVE-2017-20194 affects Formidable Form Builder for WordPress. The vulnerability is an unauthenticated information disclosure via the frm_forms_preview AJAX action in versions up to 2.05.03, allowing retrieval/export of all form entries for a given form. Impact is sensitive data exposure; no explo...

5.3CVSS5.2AI score0.01098EPSS