| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2021-36827 | WordPress Ninja Forms Contact Form plugin <= 3.6.9 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | Saturday Drive | Ninja Forms Contact Form (WordPress plugin) | Medium | 4.8 | 2022-06-16 17:11:17 | Deep Dive |
| CVE-2022-1604 | MailerLite < 1.5.4 - Reflected Cross-Site Scripting | Unknown | MailerLite – Signup forms (official) | 中危 | - | 2022-06-13 12:42:06 | Deep Dive |
| CVE-2022-31041 | Insufficient content-type validation for uploaded files in open-forms | open-formulieren | open-forms | High | 7.6 | 2022-06-13 12:35:11 | Deep Dive |
| CVE-2022-31040 | Open Redirect in open-forms | open-formulieren | open-forms | High | 7.1 | 2022-06-13 12:10:10 | Deep Dive |
| CVE-2022-1239 | HubSpot < 8.8.15 - Contributor+ Blind SSRF | Unknown | HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics | 高危 | - | 2022-05-02 16:05:49 | Deep Dive |
| CVE-2022-0879 | Caldera Forms < 1.9.7 - Reflected Cross-Site Scripting | Unknown | Caldera Forms – More Than Contact Forms | 中危 | - | 2022-04-18 17:10:39 | Deep Dive |
| CVE-2022-0884 | Profile Builder < 3.6.8 - Admin+ Stored Cross-Site Scripting | Unknown | Profile Builder – User Profile & User Registration Forms | 中危 | - | 2022-04-04 15:35:55 | Deep Dive |
| CVE-2022-0888 | Ninja Forms - File Uploads Extension <= 3.3.0 - Arbitrary File Upload | SaturdayDrive | Ninja Forms - File Uploads | Critical | 9.8 | 2022-03-23 19:46:51 | Deep Dive |
| CVE-2022-0889 | Ninja Forms - File Uploads Extension <= 3.3.12 - Reflected Cross-Site Scripting | SaturdayDrive | Ninja Forms - File Uploads | High | 7.2 | 2022-03-23 19:46:49 | Deep Dive |
| CVE-2022-0420 | RegistrationMagic < 5.0.2.2 - Admin+ SQL Injection | Unknown | RegistrationMagic – Custom Registration Forms, User Registration and User Login Plugin | 高危 | - | 2022-03-07 08:16:33 | Deep Dive |
| CVE-2022-0163 | Smart Forms < 2.6.71 - Subscriber+ Form Data Download | Unknown | Smart Forms – when you need more than just a contact form | 中危 | - | 2022-03-07 08:16:22 | Deep Dive |
| CVE-2021-25034 | WP User < 7.0 - Reflected Cross-Site Scripting | Unknown | WP User – Custom Registration Forms, Login and User Profile | 中危 | - | 2022-02-28 09:06:32 | Deep Dive |
| CVE-2021-24689 | Contact Forms - Drag & Drop Contact Form Builder <= 1.0.5 - Admin+ Arbitrary System File Read | Unknown | Contact Forms – Drag & Drop Contact Form Builder | 中危 | - | 2022-02-28 09:06:04 | Deep Dive |
| CVE-2022-0653 | Profile Builder – User Profile & User Registration Forms <= 3.6.1 Reflected Cross-Site Scripting | Cozmoslabs | Profile Builder – User Profile & User Registration Forms | Medium | 6.1 | 2022-02-24 18:27:05 | Deep Dive |
| CVE-2021-24874 | Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue < 3.1.31 - Reflected Cross-Site Scripting | Unknown | Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue | 中危 | - | 2022-02-14 09:20:36 | Deep Dive |
| CVE-2021-24985 | Easy Forms for Mailchimp < 6.8.6 - Reflected Cross-Site Scripting | Unknown | Easy Forms for Mailchimp | 中危 | - | 2022-01-24 08:01:04 | Deep Dive |
| CVE-2021-24923 | Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue < 3.1.25 - Reflected XSS | Unknown | Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue | 中危 | - | 2022-01-24 08:00:55 | Deep Dive |
| CVE-2021-24862 | RegistrationMagic < 5.0.1.6 - Admin+ SQL Injection | Unknown | RegistrationMagic – Custom Registration Forms, User Registration and User Login Plugin | 高危 | - | 2022-01-10 15:30:30 | Deep Dive |
| CVE-2021-24902 | Typebot < 1.4.3 - Admin+ Stored Cross Site Scripting | Unknown | Typebot | Build beautiful conversational forms | 中危 | - | 2021-12-27 10:33:20 | Deep Dive |
| CVE-2021-24907 | Everest Forms < 1.8.0 - Reflected Cross-Site Scripting | Unknown | Contact Form, Drag and Drop Form Builder for WordPress – Everest Forms | 中危 | - | 2021-12-21 08:45:34 | Deep Dive |