Formidable Form Builder@* Security Vulnerabilities and Issues — Formidable Form Builder@* CVE List

Lucene search

Strategy11Formidable Form Builder*

5 matches found

CVE•added 2023/03/27 4:15 p.m.•85 views

CVE-2023-0816

The Formidable Forms WordPress plugin before 6.1 uses several potentially untrusted headers to determine the IP address of the client, leading to IP Address spoofing and bypass of anti-spam protections.

6.5CVSS6.4AI score0.00089EPSS

CVE•added 2023/02/28 2:15 p.m.•67 views

CVE-2023-24419

Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Form Builder Team Formidable Forms plugin

8.8CVSS7.9AI score0.00072EPSS

CVE•added 2021/10/25 2:15 p.m.•56 views

CVE-2021-24884

The Formidable Form Builder WordPress plugin before 4.09.05 allows to inject certain HTML Tags like ,,, and.This could allow an unauthenticated, remote attacker to exploit a HTML-injection byinjecting a malicous link. The HTML-injection may trick authenticated users to follow the link. If the Link ...

9.6CVSS9.7AI score0.19162EPSS

Web

CVE•added 2019/08/29 12:15 p.m.•54 views

CVE-2019-15780

The formidable plugin before 4.02.01 for WordPress has unsafe deserialization.

9.8CVSS9.5AI score0.01105EPSS

CVE•added 2021/10/25 2:15 p.m.•44 views

CVE-2021-24608

The Formidable Form Builder – Contact Form, Survey & Quiz Forms Plugin for WordPress plugin before 5.0.07 does not sanitise and escape its Form's Labels, allowing high privileged users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

4.8CVSS4.6AI score0.00206EPSS