Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 32 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-4160 Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder <= 6.1.21 - Insecure Direct Object Reference in Stripe SCA Confirmation to Unauthenticated Payment Status Modification techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Medium 5.3 2026-04-16 13:27:09 Deep Dive
CVE-2026-2899 Fluent Forms Pro Add On Pack <= 6.1.17 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion techjewelFluent Forms Pro Add On Pack Medium 6.5 2026-03-05 03:23:41 Deep Dive
CVE-2026-2365 Fluent Forms Pro <= 6.1.17 - Unauthenticated Stored Cross-Site Scripting via Draft Form Submission techjewelFluent Forms Pro Add On Pack High 7.2 2026-03-05 03:23:41 Deep Dive
CVE-2026-2428 Fluent Forms Pro Add On Pack <= 6.1.17 - Missing Authorization to Unauthenticated Payment Status modification techjewelFluent Forms Pro Add On Pack High 7.5 2026-02-27 03:23:19 Deep Dive
CVE-2026-0996 Fluent Forms <= 6.1.14 - Authenticated (Subscriber+) Stored Cross-Site Scripting via AI Form Builder Module techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Medium 6.4 2026-02-10 05:29:42 Deep Dive
CVE-2026-0632 Fluent Forms Pro Add On Pack <= 6.1.12 - Authenticated (Subscriber+) Server-Side Request Forgery via 'saveDataSource' techjewelFluent Forms Pro Add On Pack Medium 5.4 2026-02-09 11:22:36 Deep Dive
CVE-2025-13722 Fluent Forms <= 6.1.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Form Creation via AI Builder techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Medium 5.3 2026-01-07 09:21:06 Deep Dive
CVE-2025-13748 Fluent Forms <= 6.1.7 - Unauthenticated Insecure Direct Object Reference to Payment Status Tampering via submission_id techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Medium 5.3 2025-12-06 06:39:09 Deep Dive
CVE-2025-9260 Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder 5.1.16 - 6.1.1 - Authenticated (Subscriber+) PHP Object Injection To Arbitrary File Read techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Medium 6.5 2025-09-02 23:22:46 Deep Dive
CVE-2025-3615 Fluent Forms <= 6.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Medium 6.4 2025-04-17 07:34:08 Deep Dive
CVE-2024-13666 Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder <= 5.2.12 - IP-Spoofing techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Medium 5.3 2025-03-22 08:24:18 Deep Dive
CVE-2025-23904 WordPress Rebrand Fluent Forms Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability rebrandpressRebrand Fluent Forms High 7.1 2025-03-03 13:30:21 Deep Dive
CVE-2024-10646 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.2.6 - Unauthenticated Stored Cross-Site Scripting via Form Subject techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder High 7.2 2024-12-14 05:34:14 Deep Dive
CVE-2024-9651 Contact Form Plugin by Fluent Forms < 5.2.1 - Admin+ Stored XSS UnknownFluent Forms 中危 -2024-12-09 06:00:06 Deep Dive
CVE-2022-4974 Freemius SDK <= 2.4.2 - Missing Authorization Checks dashlabsltdYASR – Yet Another Star Rating Plugin for WordPress Medium 6.3 2024-10-16 06:43:30 Deep Dive
CVE-2024-9528 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Form Manager+) Stored Cross-Site Scripting techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Medium 4.9 2024-10-05 02:34:50 Deep Dive
CVE-2024-5053 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.18 - Missing Authorization to Authenticated (Subscriber+) Mailchimp Integration Modification techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Medium 4.2 2024-09-01 10:58:05 Deep Dive
CVE-2024-6703 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Welcome Screen Fields techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Medium 4.9 2024-07-27 12:30:06 Deep Dive
CVE-2024-6518 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Administrator+) Stored Cross-Site Scripting techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Medium 4.4 2024-07-27 11:37:32 Deep Dive
CVE-2024-6520 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.19 - Authenticated (Administrator+) Stored Cross-Site Scripting techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder Medium 4.4 2024-07-27 11:37:29 Deep Dive