Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 35 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-32332 WordPress Easy Form plugin <= 2.7.9 - Broken Access Control vulnerability Ays ProEasy Form 中危 -2026-03-13 11:41:56 Deep Dive
CVE-2026-2707 weForms <= 1.6.27 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Hidden Field Value via REST API boldgridweForms – Easy Drag & Drop Contact Form Builder For WordPress Medium 6.4 2026-03-11 05:27:18 Deep Dive
CVE-2025-14067 Easy Form Builder <= 3.9.3 - Missing Authorization to Authenticated (Subscriber+) Sensitive Form Response Data Exposure hassantafreshiEasy Form Builder by WhiteStudio — Drag & Drop Form Builder Medium 5.3 2026-02-14 03:25:28 Deep Dive
CVE-2026-22472 WordPress Easy Form Builder plugin <= 3.9.6 - Broken Access Control vulnerability hassantafreshiEasy Form Builder Medium 4.3 2026-01-22 16:52:42 Deep Dive
CVE-2025-66117 WordPress Easy Form plugin <= 2.7.8 - Broken Access Control vulnerability Ays ProEasy Form High 7.5 2025-12-18 07:22:19 Deep Dive
CVE-2025-67577 WordPress Easy Form Builder plugin <= 3.8.20 - Broken Access Control vulnerability hassantafreshiEasy Form Builder Medium 5.3 2025-12-09 14:14:14 Deep Dive
CVE-2025-13159 Flo Forms – Easy Drag & Drop Form Builder <= 1.0.43 - Unauthenticated Stored Cross-Site Scripting via SVG Upload flothemespluginsFlo Forms – Easy Drag & Drop Form Builder High 7.1 2025-11-21 07:31:52 Deep Dive
CVE-2015-10147 Easy Testimonial Slider and Form <= 1.0.2 - Authenticated (Admin+) SQL injection nik00726Easy Testimonial Slider and Form Medium 4.9 2025-10-29 09:27:58 Deep Dive
CVE-2025-10735 Block For Mailchimp – Easy Mailchimp Form Integration <= 1.1.12 - Unauthenticated Blind Server-Side Request Forgery bpluginsBlock for Mailchimp – Add Email Subscription Forms and Collect Leads Medium 4.0 2025-10-01 03:25:23 Deep Dive
CVE-2025-54678 WordPress Easy Form Builder Plugin <= 3.8.15 - SQL Injection Vulnerability hassantafreshiEasy Form Builder Critical 9.3 2025-08-14 10:34:43 Deep Dive
CVE-2025-8420 Multiple Plugins by emarket-design <= Multiple Versions - Unauthenticated Limited Remote Code Execution emarket-designCampus Directory – Faculty, Staff & Student Directory Plugin for WordPress High 8.1 2025-08-06 02:24:12 Deep Dive
CVE-2025-8315 WP Easy Contact <= 4.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter emarket-designSimple Contact Form Plugin for WordPress – WP Easy Contact Medium 6.4 2025-08-05 06:39:48 Deep Dive
CVE-2025-5539 Simplify Contact Management: WP Easy Contact <= 4.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting emarket-designSimple Contact Form Plugin for WordPress – WP Easy Contact Medium 6.4 2025-06-04 04:22:42 Deep Dive
CVE-2025-3794 WPForms Lite <= 1.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'start_timestamp' Parameter smubWPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More Medium 5.4 2025-05-09 22:22:13 Deep Dive
CVE-2025-27285 WordPress Easy Form by AYS Plugin <= 2.6.9 - Reflected Cross Site Scripting (XSS) vulnerability Ays ProEasy Form High 7.1 2025-04-17 15:48:09 Deep Dive
CVE-2025-26962 WordPress Contact Form Plugin plugin <= 1.1.25 - Cross Site Scripting (XSS) vulnerability GhozyLabEasy Contact Form Lite Medium 6.5 2025-02-25 14:17:57 Deep Dive
CVE-2024-13403 WPForms Lite <= 1.9.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via fieldHTML Parameter smubWPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More Medium 6.4 2025-02-04 08:21:07 Deep Dive
CVE-2024-12112 Easy Form Builder <= 3.8.8 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting hassantafreshiEasy Form Builder by WhiteStudio — Drag & Drop Form Builder Medium 6.4 2025-01-08 03:18:11 Deep Dive
CVE-2024-11205 WPForms 1.8.4 - 1.9.2.1 - Missing Authorization to Authenticated (Subscriber+) Payment Refund and Subscription Cancellation smubWPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More High 8.5 2024-12-10 04:23:41 Deep Dive
CVE-2024-10593 WPForms – Easy Form Builder for WordPress <= 1.9.1.6 - Cross-Site Request Forgery (CSRF) to Plugin's Log Deletion smubWPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More Medium 4.3 2024-11-13 02:33:17 Deep Dive