| CVE-2024-23522 | WordPress Formidable Forms plugin <= 6.7 - Content Injection vulnerability | Strategy11 Form Builder Team | Formidable Forms | Medium | 5.3 | 2024-05-17 08:47:40 | Deep Dive |
| CVE-2024-34817 | WordPress Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability | CRM Perks | Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms | Medium | 4.3 | 2024-05-10 08:35:23 | Deep Dive |
| CVE-2024-34380 | WordPress ChatBot Conversational Forms plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability | QuantumCloud | Conversational Forms for ChatBot | Medium | 5.9 | 2024-05-06 18:25:50 | Deep Dive |
| CVE-2023-7065 | Stop Spammers Security | Block Spam Users, Comments, Forms <= 2024.4 - Cross-Site Request Forgery (CSRF) via sfs_process | webguyio | Stop Spammers Classic | Medium | 5.4 | 2024-05-04 07:36:21 | Deep Dive |
| CVE-2024-3715 | Database for Contact Form 7, WPforms, Elementor forms <= 1.3.8 - Unauthenticated Stored Cross-Site Scripting | crmperks | Database for Contact Form 7, WPforms, Elementor forms | High | 7.2 | 2024-05-02 16:52:31 | Deep Dive |
| CVE-2024-2797 | MailerLite – Signup forms (official) <= 1.7.6 - Missing Authorization | mailerlite | MailerLite – Signup forms (official) | Medium | 5.3 | 2024-05-02 16:52:27 | Deep Dive |
| CVE-2024-2542 | Jotform Online Forms <= 1.3.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode | jotform | Online Forms — Customizable Payment, Contact, Quiz, Survey Form Builder – Jotform | Medium | 6.4 | 2024-05-02 16:52:25 | Deep Dive |
| CVE-2024-1386 | WordPress plugin MailerLite 安全漏洞 | mailerlite | MailerLite – Signup forms (official) | Medium | 6.4 | 2024-05-02 16:52:17 | Deep Dive |
| CVE-2024-33593 | WordPress Smart Forms plugin <= 2.6.91 - Broken Access Control vulnerability | RedNao | Smart Forms | Medium | 4.3 | 2024-04-29 10:09:07 | Deep Dive |
| CVE-2024-1905 | Smart Forms < 2.6.96 - Admin+ Stored XSS | Unknown | Smart Forms | - | - | 2024-04-29 06:00:01 | Deep Dive |
| CVE-2024-32130 | WordPress Payment Forms for Paystack plugin <= 3.4.1 - Cross Site Scripting (XSS) vulnerability | Paystack | Payment Forms for Paystack | Medium | 6.5 | 2024-04-17 09:59:35 | Deep Dive |
| CVE-2024-32510 | WordPress WP Cost Estimation & Payment Forms Builder plugin <= 10.1.75 - Reflected Cross Site Scripting (XSS) vulnerability | Loopus | WP Cost Estimation & Payment Forms Builder | High | 7.1 | 2024-04-17 09:50:19 | Deep Dive |
| CVE-2024-32527 | WordPress Jotform Online Forms plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability | Jotform | Jotform Online Forms | Medium | 6.5 | 2024-04-17 09:46:26 | Deep Dive |
| CVE-2023-36505 | WordPress Ninja Forms Plugin <= 3.6.24 is vulnerable to Arbitrary File Deletion | Saturday Drive | Ninja Forms Contact Form | Medium | 6.8 | 2024-04-17 09:09:33 | Deep Dive |
| CVE-2024-32509 | WordPress WP Cost Estimation & Payment Forms Builder plugin <= 10.1.76 - Broken Access Control vulnerability | Loopus | WP Cost Estimation & Payment Forms Builder | Medium | 6.5 | 2024-04-17 07:43:18 | Deep Dive |
| CVE-2024-31378 | WordPress MailChimp Forms by MailMunch plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) vulnerability | MailMunch | MailChimp Forms by MailMunch | Medium | 5.4 | 2024-04-15 10:21:58 | Deep Dive |
| CVE-2024-32134 | WordPress Forms to Zapier plugin <= 1.1.12 - Auth. SQL Injection vulnerability | Nasirahmed | Forms to Zapier, Integromat, IFTTT, Workato, Automate.io, elastic.io, Built.io, APIANT, Webhook | High | 7.6 | 2024-04-15 07:32:48 | Deep Dive |
| CVE-2024-1307 | Smart Forms < 2.6.94 - Subscriber+ Edit Entries via Broken Access Control | Unknown | Smart Forms | - | - | 2024-04-15 05:00:04 | Deep Dive |
| CVE-2024-1306 | Smart Forms < 2.6.94 - Edit Entries via CSRF | Unknown | Smart Forms | - | - | 2024-04-15 05:00:03 | Deep Dive |
| CVE-2024-25572 | WordPress Plugin Ninja Forms Contact Form 安全漏洞 | Saturday Drive | Ninja Forms | - | - | 2024-04-11 02:29:39 | Deep Dive |