| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-52120 | WordPress NEX-Forms – Ultimate Form Builder Plugin <= 8.5.2 is vulnerable to Cross Site Request Forgery (CSRF) | Basix | NEX-Forms – Ultimate Form Builder – Contact forms and much more | Medium | 5.4 | 2024-01-05 09:25:37 | Deep Dive |
| CVE-2023-50896 | WordPress weForms Plugin <= 1.6.17 is vulnerable to Cross Site Scripting (XSS) | weForms | weForms – Easy Drag & Drop Contact Form Builder For WordPress | Medium | 5.9 | 2023-12-29 11:09:16 | Deep Dive |
| CVE-2023-32517 | WordPress MailChimp Subscribe Forms Plugin <= 4.0.9.3 is vulnerable to Open Redirection | PluginOps | MailChimp Subscribe Form, Optin Builder, PopUp Builder, Form Builder | Medium | 4.7 | 2023-12-29 10:05:17 | Deep Dive |
| CVE-2023-50838 | WordPress NEX-Forms – Ultimate Form Builder Plugin <= 8.5.5 is vulnerable to SQL Injection | Basix | NEX-Forms – Ultimate Form Builder – Contact forms and much more | High | 7.6 | 2023-12-28 20:04:59 | Deep Dive |
| CVE-2023-49170 | WordPress Forms by CaptainForm Plugin <= 2.5.3 is vulnerable to Cross Site Scripting (XSS) | captainform | Forms by CaptainForm – Form Builder for WordPress | High | 7.1 | 2023-12-15 14:10:52 | Deep Dive |
| CVE-2023-35909 | WordPress Ninja Forms Plugin <= 3.6.25 is vulnerable to Denial of Service Attack | Saturday Drive | Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress | Medium | 5.3 | 2023-12-07 11:15:27 | Deep Dive |
| CVE-2023-5990 | Funnelforms Free < 3.4.2 - Form Deletion/Duplication via CSRF | Unknown | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor | - | - | 2023-12-04 21:29:11 | Deep Dive |
| CVE-2023-48752 | WordPress Happyforms Plugin <= 1.25.9 is vulnerable to Cross Site Scripting (XSS) | Happyforms | Form builder to get in touch with visitors, grow your email list and collect payments — Happyforms | High | 7.1 | 2023-11-30 16:19:43 | Deep Dive |
| CVE-2023-45609 | WordPress Powr Pack Plugin <= 2.1.0 is vulnerable to Cross Site Scripting (XSS) | POWR.io | Contact Form – Custom Builder, Payment Form, and More | Medium | 6.5 | 2023-11-30 15:52:28 | Deep Dive |
| CVE-2023-5385 | Funnelforms Free <= 3.4 - Missing Authorization to Arbitrary Post Duplication | funnelforms | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free | Medium | 4.3 | 2023-11-22 15:33:37 | Deep Dive |
| CVE-2023-5383 | Funnelforms Free <= 3.4 - Cross-Site Request Forgery to Arbitrary Post Duplication | funnelforms | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free | Medium | 4.3 | 2023-11-22 15:33:35 | Deep Dive |
| CVE-2023-5387 | Funnelforms Free <= 3.4 - Missing Authorization to Enable/Disable Dark Mode | funnelforms | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free | Medium | 4.3 | 2023-11-22 15:33:35 | Deep Dive |
| CVE-2023-5416 | Funnelforms Free <= 3.4 - Missing Authorization to Category Deletion | funnelforms | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free | Medium | 4.3 | 2023-11-22 15:33:32 | Deep Dive |
| CVE-2023-5411 | Funnelforms Free <= 3.4 - Missing Authorization to Post Modification | funnelforms | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free | Medium | 4.3 | 2023-11-22 15:33:30 | Deep Dive |
| CVE-2023-5382 | Funnelforms Free <= 3.4 - Cross-Site Request Forgery to Arbitrary Post Deletion | funnelforms | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free | Medium | 6.5 | 2023-11-22 15:33:28 | Deep Dive |
| CVE-2023-5415 | Funnelforms Free <= 3.4 - Missing Authorization to New Category Creation | funnelforms | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free | Medium | 4.3 | 2023-11-22 15:33:27 | Deep Dive |
| CVE-2023-5419 | Funnelforms Free <= 3.4 - Missing Authorization to Test Email Sending | funnelforms | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free | Medium | 4.3 | 2023-11-22 15:33:25 | Deep Dive |
| CVE-2023-5386 | Funnelforms Free <= 3.4 - Missing Authorization to Arbitrary Post Deletion | funnelforms | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free | Medium | 6.5 | 2023-11-22 15:33:23 | Deep Dive |
| CVE-2023-5417 | Funnelforms Free <= 3.4 - Missing Authorization to Category Update | funnelforms | Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free | Medium | 4.3 | 2023-11-22 15:33:20 | Deep Dive |
| CVE-2023-47757 | WordPress AWeber Plugin <= 7.3.9 is vulnerable to Broken Access Control | AWeber | AWeber – Free Sign Up Form and Landing Page Builder Plugin for Lead Generation and Email Newsletter Growth | Medium | 4.3 | 2023-11-17 08:52:19 | Deep Dive |