| CVE-2024-6069 | Pie Register - Basic <= 3.8.3.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation | genetechproducts | Pie Register – User Registration, Profiles & Content Restriction | High | 8.8 | 2024-07-09 08:33:11 | Deep Dive |
| CVE-2024-6313 | Gutenberg Forms <= 2.2.9 - Unauthenticated Arbitrary File Upload | nikolaystrikhar | Gutenberg Forms – WordPress Form Builder Plugin | Critical | 9.8 | 2024-07-09 07:38:47 | Deep Dive |
| CVE-2022-45803 | WordPress Gutenberg Forms plugin <= 2.2.8.3 - Auth. Broken Access Control vulnerability | Nikolay Strikhar | WordPress Form Builder Plugin – Gutenberg Forms | Medium | 6.5 | 2024-06-21 13:35:51 | Deep Dive |
| CVE-2023-38393 | WordPress Ninja Forms plugin <= 3.6.25 - Subscriber+ Broken Access Control vulnerability | Saturday Drive | Ninja Forms | High | 7.6 | 2024-06-19 14:15:39 | Deep Dive |
| CVE-2023-38386 | WordPress Ninja Forms plugin <= 3.6.25 - Contributor+ Broken Access Control vulnerability | Saturday Drive | Ninja Forms | High | 7.6 | 2024-06-19 13:06:42 | Deep Dive |
| CVE-2023-51377 | WordPress Everest Forms plugin <= 2.0.3 - Broken Access Control vulnerability | WPEverest | Everest Forms | Medium | 5.3 | 2024-06-14 05:45:05 | Deep Dive |
| CVE-2023-51413 | WordPress Piotnet Forms plugin <= 1.0.29 - Broken Access Control vulnerability | - | Piotnet Forms | Medium | 5.3 | 2024-06-12 09:13:57 | Deep Dive |
| CVE-2024-35742 | WordPress Easy Forms for Mailchimp plugin <= 6.9.0 - Broken Access Control vulnerability | Code Parrots | Easy Forms for Mailchimp | Medium | 5.3 | 2024-06-10 07:40:35 | Deep Dive |
| CVE-2024-2368 | Mollie Forms <= 2.6.13 - Cross-Site Request Forgery to Arbitrary Post Duplication | ndijkstra | Mollie Forms | Medium | 4.3 | 2024-06-05 06:50:28 | Deep Dive |
| CVE-2024-5149 | BuddyForms <= 2.8.9 - Email Verification Bypass due to Insufficient Randomness | themekraft | Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC) | Medium | 6.5 | 2024-06-05 04:32:25 | Deep Dive |
| CVE-2024-25095 | WordPress Easy Forms for Mailchimp plugin <= 6.9.0 - Sensitive Data Exposure via Log File vulnerability | Code Parrots | Easy Forms for Mailchimp | High | 7.5 | 2024-06-04 18:37:50 | Deep Dive |
| CVE-2024-35668 | WordPress Newsletter, SMTP, Email marketing and Subscribe forms by Brevo plugin <= 3.1.77 - Reflected Cross Site Scripting (XSS) vulnerability | Brevo | Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue | High | 7.1 | 2024-06-04 13:48:46 | Deep Dive |
| CVE-2023-48276 | WordPress WP Forms Puzzle Captcha plugin <= 4.1 - Captcha Bypass vulnerability | Nitin Rathod | WP Forms Puzzle Captcha | Medium | 5.3 | 2024-06-04 10:20:30 | Deep Dive |
| CVE-2024-35239 | Stored Cross-site Scripting on Components of Umbraco Forms | umbraco | Umbraco.Forms.Issues | Low | 2.7 | 2024-05-28 20:15:29 | Deep Dive |
| CVE-2024-4157 | Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.15 - PHP Object Injection via extractDynamicValues | techjewel | Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder | High | 7.5 | 2024-05-22 07:37:24 | Deep Dive |
| CVE-2024-4709 | Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Authenticated (Contributor+) Stored Cross-Site Scripting | techjewel | Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder | Medium | 6.4 | 2024-05-18 07:38:35 | Deep Dive |
| CVE-2024-2772 | Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.13 - Authenticated (Subscriber+) Stored Cross-Site Scripting | techjewel | Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder | Medium | 6.4 | 2024-05-18 07:38:33 | Deep Dive |
| CVE-2024-2782 | Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Setting Manipulation | techjewel | Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder | High | 7.5 | 2024-05-18 07:38:33 | Deep Dive |
| CVE-2024-2771 | Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder <= 5.1.16 - Missing Authorization to Settings Update and Limited Privilege Escalation | techjewel | Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder | Critical | 9.8 | 2024-05-18 07:38:21 | Deep Dive |
| CVE-2024-35174 | WordPress Flo Forms plugin <= 1.0.42 - Broken Access Control vulnerability | Flothemes | Flo Forms | Medium | 5.3 | 2024-05-17 10:18:27 | Deep Dive |