Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 623 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2023-45275 WordPress Contact Form builder with drag & drop plugin <= 2.3.28 - Broken Access Control vulnerability WP ChillKali Forms 中危 -2025-01-02 11:59:52 Deep Dive
CVE-2024-56060 WordPress HTML Forms plugin <= 1.4.1 - Reflected Cross Site Scripting (XSS) vulnerability Link Software LLCHTML Forms High 7.1 2025-01-02 09:13:24 Deep Dive
CVE-2024-12238 Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.22 - Authenticated (Subscriber+) Arbitrary Shortcode Execution kstoverNinja Forms – The Contact Form Builder That Grows With You Medium 6.3 2024-12-29 05:22:54 Deep Dive
CVE-2024-10862 NEX-Forms <= 8.7.15 - Authenticated (Admin+) SQL Injection webawaysNEX-Forms – Ultimate Forms Plugin for WordPress Medium 4.9 2024-12-25 06:42:14 Deep Dive
CVE-2024-54398 WordPress Flaming Forms plugin <= 1.0.1 - CSRF to Stored XSS vulnerability jcaruso001Flaming Forms High 7.1 2024-12-16 14:14:03 Deep Dive
CVE-2024-10646 Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.2.6 - Unauthenticated Stored Cross-Site Scripting via Form Subject techjewelFluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder High 7.2 2024-12-14 05:34:14 Deep Dive
CVE-2023-40203 WordPress MailChimp Forms by MailMunch plugin <= 3.1.4 - Broken Access Control mailmunchMailChimp Forms by MailMunch Medium 4.3 2024-12-13 14:24:06 Deep Dive
CVE-2023-35051 WordPress Contact Forms by Cimatti plugin <= 1.5.7 - Broken Access Control vulnerability cimattiContact Forms by Cimatti Medium 5.4 2024-12-13 14:23:39 Deep Dive
CVE-2023-34387 WordPress Constant Contact Forms plugin <= 2.0.3 - Broken Access Control vulnerability Constant ContactConstant Contact Forms Medium 4.3 2024-12-13 14:23:38 Deep Dive
CVE-2022-45806 WordPress Formidable Forms plugin <= 5.5.4 - Broken Access Control vulnerability Strategy11 TeamFormidable Forms Medium 4.3 2024-12-13 14:22:02 Deep Dive
CVE-2024-11052 Ninja Forms – The Contact Form Builder That Grows With You <= 3.8.19 - Unauthenticated Stored Cross-Site Scripting via Form Calculations kstoverNinja Forms – The Contact Form Builder That Grows With You High 7.2 2024-12-12 05:24:24 Deep Dive
CVE-2024-10182 Cognito Forms <= 2.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter cognitoappsCognito Forms Medium 6.4 2024-12-12 04:23:13 Deep Dive
CVE-2024-11205 WPForms 1.8.4 - 1.9.2.1 - Missing Authorization to Authenticated (Subscriber+) Payment Refund and Subscription Cancellation smubWPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More High 8.5 2024-12-10 04:23:41 Deep Dive
CVE-2023-49856 WordPress Smart Forms plugin <= 2.6.84 - Authenticated Arbitrary Options Change Vulnerability EDGARROJASSmart Forms 高危 -2024-12-09 11:30:02 Deep Dive
CVE-2024-9651 Contact Form Plugin by Fluent Forms < 5.2.1 - Admin+ Stored XSS UnknownFluent Forms 中危 -2024-12-09 06:00:06 Deep Dive
CVE-2024-11367 Smoove connector for Elementor forms <= 4.1.0 - Reflected Cross-Site Scripting matansmooveSmoove connector for Elementor forms Medium 6.1 2024-12-07 09:27:05 Deep Dive
CVE-2024-11353 SMS for Lead Capture Forms <= 1.1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Message Deletion clicksendSMS for Lead Capture Forms Medium 4.3 2024-12-07 01:45:52 Deep Dive
CVE-2024-53808 WordPress NEX-Forms plugin <= 8.7.8 - SQL Injection vulnerability BasixNEX-Forms High 8.5 2024-12-06 13:06:28 Deep Dive
CVE-2024-10909 Pojo Forms <= 1.4.7 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via form_preview_shortcode kingyesPojo Forms Medium 6.3 2024-12-06 09:22:59 Deep Dive
CVE-2024-40745 Extension - tassos.gr - Reflected Cross site scripting vulnerability in Convert Forms component for Joomla < 4.4.8 tassos.grConvert Forms component for Joomla 中危 -2024-12-04 15:02:06 Deep Dive