| CVE-2024-5325 | Form Vibes <= 1.4.10 - Authenticated (Subscriber+) SQL Injection via fv_export_data | wpvibes | Form Vibes – Database Manager for Forms | High | 8.8 | 2024-07-12 12:47:02 | Deep Dive |
| CVE-2024-37498 | WordPress Tablesome plugin <= 1.0.33 - Sensitive Data Exposure via API vulnerability | Pauple | Table & Contact Form 7 Database – Tablesome | Medium | 5.3 | 2024-07-10 17:47:56 | Deep Dive |
| CVE-2024-6550 | Gravity Forms: Multiple Form Instances <= 1.1.1 - Unauthenticated Full Path Disclosure | tyxla | Gravity Forms: Multiple Form Instances | Medium | 5.3 | 2024-07-10 03:32:35 | Deep Dive |
| CVE-2024-6069 | Pie Register - Basic <= 3.8.3.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation | genetechproducts | Pie Register – User Registration, Profiles & Content Restriction | High | 8.8 | 2024-07-09 08:33:11 | Deep Dive |
| CVE-2024-6313 | Gutenberg Forms <= 2.2.9 - Unauthenticated Arbitrary File Upload | nikolaystrikhar | Gutenberg Forms – WordPress Form Builder Plugin | Critical | 9.8 | 2024-07-09 07:38:47 | Deep Dive |
| CVE-2024-6123 | Bit Form <= 2.13.3 - Authenticated (Administrator+) Arbitrary File Upload | bitpressadmin | Bit Form – Custom Contact Form, Multi Step, Conversational Form & Payment Form builder | High | 7.2 | 2024-07-09 07:38:45 | Deep Dive |
| CVE-2024-6316 | Generate PDF using Contact Form 7 <= 4.1.2 - Cross-Site Request Forgery to Arbitrary File Upload | zealopensource | Generate PDF using Contact Form 7 | High | 8.8 | 2024-07-09 07:38:45 | Deep Dive |
| CVE-2024-6317 | Generate PDF using Contact Form 7 <= 4.1.2 - Cross-Site Request Forgery to Arbitrary File Deletion | zealopensource | Generate PDF using Contact Form 7 | High | 8.8 | 2024-07-09 07:38:44 | Deep Dive |
| CVE-2024-37555 | WordPress Generate PDF using Contact Form 7 plugin <= 4.1.2 - CSRF to Arbitrary File Upload vulnerability | ZealousWeb | Generate PDF using Contact Form 7 | Critical | 9.1 | 2024-07-09 07:21:53 | Deep Dive |
| CVE-2024-5260 | Sina Extension for Elementor <= 3.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via read_more_text Parameter | shaonsina | Sina Extension for Elementor | Medium | 6.4 | 2024-07-02 08:32:52 | Deep Dive |
| CVE-2024-5419 | Void Contact Form 7 Widget For Elementor Page Builder <= 2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via cf7_redirect_page Attribute | voidthemes | Void Contact Form 7 Widget For Elementor Page Builder | Medium | 6.4 | 2024-07-02 03:14:52 | Deep Dive |
| CVE-2024-6130 | Form Maker by 10Web < 1.15.26 - Admin+ Stored XSS | Unknown | Form Maker by 10Web | - | - | 2024-07-01 06:00:02 | Deep Dive |
| CVE-2024-6265 | UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress <= 1.2.10 - Unauthenticated SQL Injection via 'uwp_sort_by' | stiofansisland | UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WP | Critical | 9.8 | 2024-06-29 04:33:28 | Deep Dive |
| CVE-2024-4704 | Contact Form 7 < 5.9.5 - Unauthenticated Open Redirect | Unknown | Contact Form 7 | - | - | 2024-06-27 06:00:04 | Deep Dive |
| CVE-2024-6297 | Several WordPress.org Plugins <= Various Versions - Injected Backdoor | warfareplugins | Social Sharing Plugin – Social Warfare | Critical | 10.0 | 2024-06-25 03:30:38 | Deep Dive |
| CVE-2022-45803 | WordPress Gutenberg Forms plugin <= 2.2.8.3 - Auth. Broken Access Control vulnerability | Nikolay Strikhar | WordPress Form Builder Plugin – Gutenberg Forms | Medium | 6.5 | 2024-06-21 13:35:51 | Deep Dive |
| CVE-2024-5036 | Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.4 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | shaonsina | Sina Extension for Elementor | Medium | 6.4 | 2024-06-20 11:06:02 | Deep Dive |
| CVE-2024-0427 | Arforms < 6.4.1 - Reflected XSS | Unknown | ARForms - Premium WordPress Form Builder Plugin | - | - | 2024-06-12 06:00:02 | Deep Dive |
| CVE-2024-4266 | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor <= 3.8.8 - Unauthenticated Sensitive Information Exposure | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 5.3 | 2024-06-11 07:32:26 | Deep Dive |
| CVE-2024-3723 | Advanced Contact form 7 DB <= 2.0.2 - Sensitive Information Exposure | vsourz1td | Advanced Contact form 7 DB | Medium | 5.3 | 2024-06-11 05:33:41 | Deep Dive |