| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-2877 | Formidable Forms < 6.3.1 - Subscriber+ Remote Code Execution | Unknown | Formidable Forms | 高危 | - | 2023-06-27 13:17:13 | Deep Dive |
| CVE-2023-29434 | WordPress Optin Forms Plugin <= 1.3.1 is vulnerable to Cross Site Scripting (XSS) | FancyThemes | Optin Forms – Simple List Building Plugin for WordPress | Medium | 5.9 | 2023-06-26 10:08:55 | Deep Dive |
| CVE-2023-35095 | WordPress Flo Forms Plugin <= 1.0.40 is vulnerable to Cross Site Scripting (XSS) | Flothemes | Flo Forms – Easy Drag & Drop Form Builder | Medium | 5.9 | 2023-06-20 13:30:02 | Deep Dive |
| CVE-2023-2563 | WordPress Contact Forms by Cimatti <= 1.5.7 - Cross-Site Request Forgery via _accua_forms_form_edit_action | cimatti | Contact Forms by Cimatti | Medium | 4.3 | 2023-06-13 01:48:08 | Deep Dive |
| CVE-2023-1323 | Easy Forms for MailChimp < 6.8.9 - Admin+ Stored XSS | Unknown | Easy Forms for Mailchimp | 中危 | - | 2023-06-12 17:28:21 | Deep Dive |
| CVE-2020-36717 | Kali Forms <= 2.1.1 - Cross-Site Request Forgery | wpchill | Kali Forms — Contact Form & Drag-and-Drop Builder | High | 8.8 | 2023-06-07 01:51:36 | Deep Dive |
| CVE-2021-4367 | Flo Forms – Easy Drag & Drop Form Builder <= 1.0.35 - Options Change to Stored Cross-Site Scripting | flothemesplugins | Flo Forms – Easy Drag & Drop Form Builder | Medium | 6.4 | 2023-06-07 01:51:35 | Deep Dive |
| CVE-2020-36720 | Kali Forms <= 2.1.1 - Missing Authorization to Settings Update | wpchill | Kali Forms — Contact Form & Drag-and-Drop Builder | High | 7.1 | 2023-06-07 01:51:34 | Deep Dive |
| CVE-2020-36712 | Kali Forms <= 2.1.1 - Unauthenticated Arbitrary Post Deletion | wpchill | Kali Forms — Contact Form & Drag-and-Drop Builder | High | 8.6 | 2023-06-07 01:51:32 | Deep Dive |
| CVE-2015-10117 | Gravity Forms DPS PxPay Plugin cross site scripting | - | Gravity Forms DPS PxPay Plugin | Low | 3.5 | 2023-06-06 02:00:04 | Deep Dive |
| CVE-2023-2472 | Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue < 3.1.61 - Reflected XSS | Unknown | Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue | 中危 | - | 2023-06-05 13:39:03 | Deep Dive |
| CVE-2023-2488 | Stop Spammers Security < 2023 - Reflected XSS | Unknown | Stop Spammers Security | Block Spam Users, Comments, Forms | 中危 | - | 2023-06-05 13:38:59 | Deep Dive |
| CVE-2023-2489 | Stop Spammers Security < 2023 - Admin+ Stored XSS | Unknown | Stop Spammers Security | Block Spam Users, Comments, Forms | 中危 | - | 2023-06-05 13:38:59 | Deep Dive |
| CVE-2023-2836 | CRM Perks Forms <= 1.1.1 - Authenticated (Admin+) Stored Cross-Site Scripting | crmperks | CRM Perks Forms – WordPress Form Builder | Medium | 4.4 | 2023-05-31 03:36:11 | Deep Dive |
| CVE-2023-2518 | Easy Forms for Mailchimp < 6.8.9 - Reflected XSS | Unknown | Easy Forms for Mailchimp | 中危 | - | 2023-05-30 07:49:12 | Deep Dive |
| CVE-2023-27613 | WordPress Forms Ada Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) | MonitorClick | Forms Ada – Form Builder | High | 7.1 | 2023-05-29 14:06:06 | Deep Dive |
| CVE-2023-28413 | WordPress plugin Snow Monkey Forms 路径遍历漏洞 | Monkey Wrench Inc. | Snow Monkey Forms | 超危 | - | 2023-05-23 00:00:00 | Deep Dive |
| CVE-2023-2706 | OTP Login Woocommerce & Gravity Forms <= 2.2 - Authentication Bypass to Privilege Escalation | xootix | OTP Login & Register Woocommerce | High | 8.1 | 2023-05-17 01:58:49 | Deep Dive |
| CVE-2023-2548 | RegistrationMagic <= 5.2.0.5 - Authenticated (Admin+) Insecure Direct Object Reference to Arbitrary User Password Change | metagauss | RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login | Medium | 6.6 | 2023-05-16 08:40:02 | Deep Dive |
| CVE-2023-2499 | RegistrationMagic <= 5.2.1.0 - Authentication Bypass | metagauss | RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login | Critical | 9.8 | 2023-05-16 08:40:01 | Deep Dive |