| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-24727 | WordPress Contact Form to Email Plugin <= 1.3.52 - Cross Site Scripting (XSS) vulnerability | codepeople | Contact Form Email | Medium | 5.9 | 2025-01-24 17:25:09 | Deep Dive |
| CVE-2025-24672 | WordPress Form Builder CP Plugin <= 1.2.41 - SQL Injection vulnerability | codepeople | Form Builder CP | High | 8.5 | 2025-01-24 17:24:46 | Deep Dive |
| CVE-2024-13680 | Form Builder CP <= 1.2.41 - Authenticated (Contributor+) SQL Injection | codepeople | Form Builder CP | Medium | 6.5 | 2025-01-24 07:04:09 | Deep Dive |
| CVE-2025-23812 | WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - Reflected Cross Site Scripting (XSS) vulnerability | David Jeffrey | Contact Form 7 Round Robin Lead Distribution | High | 7.1 | 2025-01-22 14:32:13 | Deep Dive |
| CVE-2025-23784 | WordPress Contact Form 7 Round Robin Lead Distribution Plugin <= 1.2.1 - SQL Injection vulnerability | David Jeffrey | Contact Form 7 Round Robin Lead Distribution | 高危 | - | 2025-01-22 14:29:22 | Deep Dive |
| CVE-2025-23925 | WordPress Feedburner Optin Form plugin <= 0.2.8 - Stored Cross Site Scripting (XSS) vulnerability | jp2112 | Feedburner Optin Form | Medium | 6.5 | 2025-01-16 20:07:57 | Deep Dive |
| CVE-2025-23862 | WordPress Contact Form 7 Anti Spambot plugin <= 1.0.1 - Broken Access Control vulnerability | SzMake | Contact Form 7 Anti Spambot | Medium | 5.3 | 2025-01-16 20:07:24 | Deep Dive |
| CVE-2025-23804 | WordPress WP Service Payment Form With Authorize.net Plugin <= 2.6.0 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability | Shiv Prakash Tiwari | WP Service Payment Form With Authorize.net | High | 7.1 | 2025-01-16 20:07:06 | Deep Dive |
| CVE-2025-23623 | WordPress Contact Form 7 – CCAvenue Add-on plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability | Mahesh Bisen | Contact Form 7 – CCAvenue Add-on | High | 7.1 | 2025-01-16 20:06:28 | Deep Dive |
| CVE-2024-12427 | Multi Step Form <= 1.7.23 - Missing Authorization to Unauthenticated Limited File Upload | mondula2016 | Multi Step Form | Medium | 5.3 | 2025-01-16 09:39:16 | Deep Dive |
| CVE-2025-22761 | WordPress Ajax Contact Form plugin <= 1.4.1 - Stored Cross Site Scripting (XSS) vulnerability | Olaf Lederer | Ajax Contact Form | Medium | 6.5 | 2025-01-15 15:23:24 | Deep Dive |
| CVE-2025-22795 | WordPress Multilang Contact Form Plugin <= 1.5 - Reflected Cross Site Scripting (XSS) vulnerability | digitaldonkey | Multilang Contact Form | High | 7.1 | 2025-01-15 15:23:06 | Deep Dive |
| CVE-2024-12423 | Contact Form 7 Redirect & Thank You Page <= 1.0.7 - Reflected Cross-Site Scripting | scottpaterson | Business Essentials for Contact Form 7 | Medium | 6.1 | 2025-01-15 09:25:55 | Deep Dive |
| CVE-2024-12587 | Contact Form Master <= 1.0.7 - Reflected XSS | Unknown | Contact Form Master | 中危 | - | 2025-01-11 06:00:03 | Deep Dive |
| CVE-2024-13305 | Entity Form Steps - Moderately critical - Cross site scripting - SA-CONTRIB-2024-071 | Drupal | Entity Form Steps | 中危 | - | 2025-01-09 20:25:32 | Deep Dive |
| CVE-2025-22295 | WordPress Tripetto plugin <= 8.0.6 - Cross Site Scripting (XSS) vulnerability | Tripetto | WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto | 中危 | - | 2025-01-09 15:39:33 | Deep Dive |
| CVE-2024-12112 | Easy Form Builder <= 3.8.8 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting | hassantafreshi | Easy Form Builder by WhiteStudio — Drag & Drop Form Builder | Medium | 6.4 | 2025-01-08 03:18:11 | Deep Dive |
| CVE-2024-12713 | SureForms – Drag and Drop Form Builder for WordPress <= 1.2.2 - Missing Authorization to Unauthenticated Protected Post Disclosure | brainstormforce | SureForms – Contact Form, Payment Form & Other Custom Form Builder | Medium | 5.3 | 2025-01-08 03:18:10 | Deep Dive |
| CVE-2024-11826 | Quill Forms | The Best Typeform Alternative | Create Conversational Multi Step Form, Survey, Quiz, Cost Estimation or Donation Form on WordPress <= 3.10.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | mdmag | Quill Forms | Conversational Multi Step Forms, Surveys & quizzes | Medium | 6.4 | 2025-01-07 11:11:12 | Deep Dive |
| CVE-2024-12532 | BWD Elementor Addons <= 4.3.18 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates | bestwpdeveloper | BWD Elementor Addons | Medium | 4.3 | 2025-01-07 11:11:12 | Deep Dive |